From: Richard Purdie <[email protected]> The CVE is non-specific and depends on the users of jquery, doesn't make sense to have this flagged against jquery as there is nothing we can do about it.
Signed-off-by: Richard Purdie <[email protected]> (cherry picked from commit 1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb) Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-devtools/jquery/jquery_3.5.0.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta/recipes-devtools/jquery/jquery_3.5.0.bb b/meta/recipes-devtools/jquery/jquery_3.5.0.bb index 35ce14e152..efffe05fd2 100644 --- a/meta/recipes-devtools/jquery/jquery_3.5.0.bb +++ b/meta/recipes-devtools/jquery/jquery_3.5.0.bb @@ -17,6 +17,11 @@ SRC_URI[map.sha256sum] = "3149351c8cbc3fb230bbf6188617c7ffda77d9e14333f4f5f0aa1a UPSTREAM_CHECK_REGEX = "jquery-(?P<pver>\d+(\.\d+)+)\.js" +# https://github.com/jquery/jquery/issues/3927 +# There are ways jquery can expose security issues but any issues are in the apps exposing them +# and there is little we can directly do +CVE_CHECK_WHITELIST += "CVE-2007-2379" + inherit allarch do_install() { -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#151952): https://lists.openembedded.org/g/openembedded-core/message/151952 Mute This Topic: https://lists.openembedded.org/mt/82887668/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
