From: Adrian Bunk <b...@stusta.de> This is only a problem with older Apache versions.
(From OE-Core rev: 492d43296b15514ec72dfb15f37c6d2ab1fbbae3) Signed-off-by: Adrian Bunk <b...@stusta.de> Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mit...@intel.com> --- meta/recipes-connectivity/openssl/openssl_1.1.1d.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb index 9fe80e5fd2..458ae7daf4 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb @@ -203,3 +203,7 @@ RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" BBCLASSEXTEND = "native nativesdk" CVE_PRODUCT = "openssl:openssl" + +# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 +# Apache in meta-webserver is already recent enough +CVE_CHECK_WHITELIST += "CVE-2019-0190" -- 2.21.0 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core