From: Richard Purdie <[email protected]> These CVEs apply to the way logrotate was installed on Gentoo, Debian and SUSE, exclude from cve-check as they don't apply to OE.
Signed-off-by: Richard Purdie <[email protected]> (cherry picked from commit 23643016f3b8794db772e333ff0b8f598571b628) Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-extended/logrotate/logrotate_3.15.1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-extended/logrotate/logrotate_3.15.1.bb b/meta/recipes-extended/logrotate/logrotate_3.15.1.bb index 503a0622b1..7c1b77add8 100644 --- a/meta/recipes-extended/logrotate/logrotate_3.15.1.bb +++ b/meta/recipes-extended/logrotate/logrotate_3.15.1.bb @@ -22,6 +22,9 @@ SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz SRC_URI[md5sum] = "afe109afea749c306ff489203fde6beb" SRC_URI[sha256sum] = "491fec9e89f1372f02a0ab66579aa2e9d63cac5178dfa672c204c88e693a908b" +# These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used +CVE_CHECK_WHITELIST += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" + PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" PACKAGECONFIG[acl] = ",,acl" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#151953): https://lists.openembedded.org/g/openembedded-core/message/151953 Mute This Topic: https://lists.openembedded.org/mt/82887669/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
