From b1bdeda784574bf2b20862b71e5ff75897e0079a Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Tue, 11 May 2021 14:13:08 +0100 Subject: tiff: Exclude CVE-2015-7313 from cve-check Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. (From OE-Core rev: 65124cac1ac1d0b746eacfe128da19c353f07eb0) Signed-off-by: Richard Purdie --- meta/recipes-multimedia/libtiff/tiff_4.2.0.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb index ea8580a25e..6ca01af2fa 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.2.0.bb @@ -15,6 +15,10 @@ SRC_URI[sha256sum] = "eb0484e568ead8fa23b513e9b0041df7e327f4ee2d22db5a533929dfc1 # exclude betas UPSTREAM_CHECK_REGEX = "tiff-(?P\d+(\.\d+)+).tar" +# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 +# and 4.3.0 doesn't have the issue +CVE_CHECK_WHITELIST += "CVE-2015-7313" + inherit autotools multilib_header CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no" -- cgit v1.2.3-54-g00ecf