Details: https://nvd.nist.gov/vuln/detail/CVE-2019-15785
The vulnerability is not present in the currently used version, so ignore it. Current version: 20190801 First vulnerable version: 20190813 Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb b/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb index cb5f4d5ea1..84644f2560 100644 --- a/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb +++ b/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb @@ -43,5 +43,8 @@ FILES:${PN} += " \ FILES:${PN}-python = "${PYTHON_SITEPACKAGES_DIR} ${datadir}/${BPN}/python" RDEPENDS:${PN}-python = "python3" +# The vulnerability was introduced after the used revision. +CVE_CHECK_IGNORE += "CVE-2019-15785" + # for e.g kde's oxygen-fonts BBCLASSEXTEND = "native"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122178): https://lists.openembedded.org/g/openembedded-devel/message/122178 Mute This Topic: https://lists.openembedded.org/mt/116543624/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
