[OE-core] [poky][dunfell][PATCH] db: Whitelist CVEs

Mon, 13 Sep 2021 05:45:53 -0700 

From: Saloni Jain <[email protected]>

Below CVE affects only Oracle Berkeley DB as per upstream.
Hence, whitelisted them.

1. CVE-2015-2583
Link: https://security-tracker.debian.org/tracker/CVE-2015-2583
2. CVE-2015-2624
Link: https://security-tracker.debian.org/tracker/CVE-2015-2624
3. CVE-2015-2626
Link: https://security-tracker.debian.org/tracker/CVE-2015-2626
4. CVE-2015-2640
Link: https://security-tracker.debian.org/tracker/CVE-2015-2640
5. CVE-2015-2654
Link: https://security-tracker.debian.org/tracker/CVE-2015-2654
6. CVE-2015-2656
Link: https://security-tracker.debian.org/tracker/CVE-2015-2656
7. CVE-2015-4754
Link: https://security-tracker.debian.org/tracker/CVE-2015-4754
8. CVE-2015-4764
Link: https://security-tracker.debian.org/tracker/CVE-2015-4764
9. CVE-2015-4774
Link: https://security-tracker.debian.org/tracker/CVE-2015-4774
10. CVE-2015-4775
Link: https://security-tracker.debian.org/tracker/CVE-2015-4775
11. CVE-2015-4776
Link: https://security-tracker.debian.org/tracker/CVE-2015-4776
12. CVE-2015-4777
Link: https://security-tracker.debian.org/tracker/CVE-2015-4777
13. CVE-2015-4778
Link: https://security-tracker.debian.org/tracker/CVE-2015-4778
14. CVE-2015-4779
Link: https://security-tracker.debian.org/tracker/CVE-2015-4779
15. CVE-2015-4780
Link: https://security-tracker.debian.org/tracker/CVE-2015-4780
16. CVE-2015-4781
Link: https://security-tracker.debian.org/tracker/CVE-2015-4781
17. CVE-2015-4782
Link: https://security-tracker.debian.org/tracker/CVE-2015-4782
18. CVE-2015-4783
Link: https://security-tracker.debian.org/tracker/CVE-2015-4783
19. CVE-2015-4784
Link: https://security-tracker.debian.org/tracker/CVE-2015-4784
20. CVE-2015-4785
Link: https://security-tracker.debian.org/tracker/CVE-2015-4785
21. CVE-2015-4786
Link: https://security-tracker.debian.org/tracker/CVE-2015-4786
22. CVE-2015-4787
Link: https://security-tracker.debian.org/tracker/CVE-2015-4787
23. CVE-2015-4788
Link: https://security-tracker.debian.org/tracker/CVE-2015-4788
24. CVE-2015-4789
Link: https://security-tracker.debian.org/tracker/CVE-2015-4789
25. CVE-2015-4790
Link: https://security-tracker.debian.org/tracker/CVE-2015-4790
26. CVE-2016-0682
Link: https://security-tracker.debian.org/tracker/CVE-2016-0682
27. CVE-2016-0689
Link: https://security-tracker.debian.org/tracker/CVE-2016-0689
28. CVE-2016-0692
Link: https://security-tracker.debian.org/tracker/CVE-2016-0692
29. CVE-2016-0694
Link: https://security-tracker.debian.org/tracker/CVE-2016-0694
30. CVE-2016-3418
Link: https://security-tracker.debian.org/tracker/CVE-2016-3418
31. CVE-2017-3604
Link: https://security-tracker.debian.org/tracker/CVE-2017-3604
32. CVE-2017-3605
Link: https://security-tracker.debian.org/tracker/CVE-2017-3605
33. CVE-2017-3606
Link: https://security-tracker.debian.org/tracker/CVE-2017-3606
34. CVE-2017-3607
Link: https://security-tracker.debian.org/tracker/CVE-2017-3607
35. CVE-2017-3608
Link: https://security-tracker.debian.org/tracker/CVE-2017-3608
36. CVE-2017-3609
Link: https://security-tracker.debian.org/tracker/CVE-2017-3609
37. CVE-2017-3610
Link: https://security-tracker.debian.org/tracker/CVE-2017-3610
38. CVE-2017-3611
Link: https://security-tracker.debian.org/tracker/CVE-2017-3611
39. CVE-2017-3612
Link: https://security-tracker.debian.org/tracker/CVE-2017-3612
40. CVE-2017-3613
Link: https://security-tracker.debian.org/tracker/CVE-2017-3613
41. CVE-2017-3614
Link: https://security-tracker.debian.org/tracker/CVE-2017-3614
42. CVE-2017-3615
Link: https://security-tracker.debian.org/tracker/CVE-2017-3615
43. CVE-2017-3616
Link: https://security-tracker.debian.org/tracker/CVE-2017-3616
44. CVE-2017-3617
Link: https://security-tracker.debian.org/tracker/CVE-2017-3617
45. CVE-2020-2981
Link: https://security-tracker.debian.org/tracker/CVE-2020-2981

Signed-off-by: Saloni <[email protected]>
---
 meta/recipes-support/db/db_5.3.28.bb | 92 ++++++++++++++++++++++++++++
 1 file changed, 92 insertions(+)

diff --git a/meta/recipes-support/db/db_5.3.28.bb 
b/meta/recipes-support/db/db_5.3.28.bb
index b2ae98f05c..000e9ef468 100644
--- a/meta/recipes-support/db/db_5.3.28.bb
+++ b/meta/recipes-support/db/db_5.3.28.bb
@@ -39,6 +39,98 @@ SRC_URI[sha256sum] = 
"e0a992d740709892e81f9d93f06daf305cf73fb81b545afe7247804317
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=ed1158e31437f4f87cdd4ab2b8613955"
 
+# Below CVEs affects only Oracle Berkeley DB as per upstream.
+# https://security-tracker.debian.org/tracker/CVE-2015-2583
+CVE_CHECK_WHITELIST += "CVE-2015-2583"
+# https://security-tracker.debian.org/tracker/CVE-2015-2624
+CVE_CHECK_WHITELIST += "CVE-2015-2624"
+# https://security-tracker.debian.org/tracker/CVE-2015-2626
+CVE_CHECK_WHITELIST += "CVE-2015-2626"
+# https://security-tracker.debian.org/tracker/CVE-2015-2640
+CVE_CHECK_WHITELIST += "CVE-2015-2640"
+# https://security-tracker.debian.org/tracker/CVE-2015-2654
+CVE_CHECK_WHITELIST += "CVE-2015-2654"
+# https://security-tracker.debian.org/tracker/CVE-2015-2656
+CVE_CHECK_WHITELIST += "CVE-2015-2656"
+# https://security-tracker.debian.org/tracker/CVE-2015-4754
+CVE_CHECK_WHITELIST += "CVE-2015-4754"
+# https://security-tracker.debian.org/tracker/CVE-2015-4764
+CVE_CHECK_WHITELIST += "CVE-2015-4764"
+# https://security-tracker.debian.org/tracker/CVE-2015-4774
+CVE_CHECK_WHITELIST += "CVE-2015-4774"
+# https://security-tracker.debian.org/tracker/CVE-2015-4775
+CVE_CHECK_WHITELIST += "CVE-2015-4775"
+# https://security-tracker.debian.org/tracker/CVE-2015-4776
+CVE_CHECK_WHITELIST += "CVE-2015-4776"
+# https://security-tracker.debian.org/tracker/CVE-2015-4777
+CVE_CHECK_WHITELIST += "CVE-2015-4777"
+# https://security-tracker.debian.org/tracker/CVE-2015-4778
+CVE_CHECK_WHITELIST += "CVE-2015-4778"
+# https://security-tracker.debian.org/tracker/CVE-2015-4779
+CVE_CHECK_WHITELIST += "CVE-2015-4779"
+# https://security-tracker.debian.org/tracker/CVE-2015-4780
+CVE_CHECK_WHITELIST += "CVE-2015-4780"
+# https://security-tracker.debian.org/tracker/CVE-2015-4781
+CVE_CHECK_WHITELIST += "CVE-2015-4781"
+# https://security-tracker.debian.org/tracker/CVE-2015-4782
+CVE_CHECK_WHITELIST += "CVE-2015-4782"
+# https://security-tracker.debian.org/tracker/CVE-2015-4783
+CVE_CHECK_WHITELIST += "CVE-2015-4783"
+# https://security-tracker.debian.org/tracker/CVE-2015-4784
+CVE_CHECK_WHITELIST += "CVE-2015-4784"
+# https://security-tracker.debian.org/tracker/CVE-2015-4785
+CVE_CHECK_WHITELIST += "CVE-2015-4785"
+# https://security-tracker.debian.org/tracker/CVE-2015-4786
+CVE_CHECK_WHITELIST += "CVE-2015-4786"
+# https://security-tracker.debian.org/tracker/CVE-2015-4787
+CVE_CHECK_WHITELIST += "CVE-2015-4787"
+# https://security-tracker.debian.org/tracker/CVE-2015-4788
+CVE_CHECK_WHITELIST += "CVE-2015-4788"
+# https://security-tracker.debian.org/tracker/CVE-2015-4789
+CVE_CHECK_WHITELIST += "CVE-2015-4789"
+# https://security-tracker.debian.org/tracker/CVE-2015-4790
+CVE_CHECK_WHITELIST += "CVE-2015-4790"
+# https://security-tracker.debian.org/tracker/CVE-2016-0682
+CVE_CHECK_WHITELIST += "CVE-2016-0682"
+# https://security-tracker.debian.org/tracker/CVE-2016-0689
+CVE_CHECK_WHITELIST += "CVE-2016-0689"
+# https://security-tracker.debian.org/tracker/CVE-2016-0692
+CVE_CHECK_WHITELIST += "CVE-2016-0692"
+# https://security-tracker.debian.org/tracker/CVE-2016-0694
+CVE_CHECK_WHITELIST += "CVE-2016-0694"
+# https://security-tracker.debian.org/tracker/CVE-2016-3418
+CVE_CHECK_WHITELIST += "CVE-2016-3418"
+# https://security-tracker.debian.org/tracker/CVE-2017-3604
+CVE_CHECK_WHITELIST += "CVE-2017-3604"
+# https://security-tracker.debian.org/tracker/CVE-2017-3605
+CVE_CHECK_WHITELIST += "CVE-2017-3605"
+# https://security-tracker.debian.org/tracker/CVE-2017-3606
+CVE_CHECK_WHITELIST += "CVE-2017-3606"
+# https://security-tracker.debian.org/tracker/CVE-2017-3607
+CVE_CHECK_WHITELIST += "CVE-2017-3607"
+# https://security-tracker.debian.org/tracker/CVE-2017-3608
+CVE_CHECK_WHITELIST += "CVE-2017-3608"
+# https://security-tracker.debian.org/tracker/CVE-2017-3609
+CVE_CHECK_WHITELIST += "CVE-2017-3609"
+# https://security-tracker.debian.org/tracker/CVE-2017-3610
+CVE_CHECK_WHITELIST += "CVE-2017-3610"
+# https://security-tracker.debian.org/tracker/CVE-2017-3611
+CVE_CHECK_WHITELIST += "CVE-2017-3611"
+# https://security-tracker.debian.org/tracker/CVE-2017-3612
+CVE_CHECK_WHITELIST += "CVE-2017-3612"
+# https://security-tracker.debian.org/tracker/CVE-2017-3613
+CVE_CHECK_WHITELIST += "CVE-2017-3613"
+# https://security-tracker.debian.org/tracker/CVE-2017-3614
+CVE_CHECK_WHITELIST += "CVE-2017-3614"
+# https://security-tracker.debian.org/tracker/CVE-2017-3615
+CVE_CHECK_WHITELIST += "CVE-2017-3615"
+# https://security-tracker.debian.org/tracker/CVE-2017-3616
+CVE_CHECK_WHITELIST += "CVE-2017-3616"
+# https://security-tracker.debian.org/tracker/CVE-2017-3617
+CVE_CHECK_WHITELIST += "CVE-2017-3617"
+# https://security-tracker.debian.org/tracker/CVE-2020-2981
+CVE_CHECK_WHITELIST += "CVE-2020-2981"
+
 inherit autotools
 
 # The executables go in a separate package - typically there
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#155973): 
https://lists.openembedded.org/g/openembedded-core/message/155973
Mute This Topic: https://lists.openembedded.org/mt/85573913/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to