[oe-commits] [openembedded-core] 15/32: procps: whitelist CVE-2018-1121
git at git.openembedded.org
Thu Jan 16 22:39:25 UTC 2020
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch warrior
in repository openembedded-core.
commit afc529aa689daed18af29ecc64f3dae1fcbdc282
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Tue Nov 5 23:44:48 2019 +0200
procps: whitelist CVE-2018-1121

This CVE is about race conditions in 'ps' which make it unsuitable for security
audits. As these race conditions are unavoidable ps shouldn't be used for
security auditing, so this isn't a valid CVE.

Signed-off-by: Ross Burton <ross.burton at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-extended/procps/procps_3.3.15.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-extended/procps/procps_3.3.15.bb b/meta/recipes-extended/procps/procps_3.3.15.bb
index 9756db0..a20917b 100644
--- a/meta/recipes-extended/procps/procps_3.3.15.bb
+++ b/meta/recipes-extended/procps/procps_3.3.15.bb
@@ -64,3 +64,6 @@ python __anonymous() {
d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog))
}
+# 'ps' isn't suitable for use as a security tool so whitelist this CVE.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1575473#c3
+CVE_CHECK_WHITELIST += "CVE-2018-1121"
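Review bot: The comment above the added `CVE_CHECK_WHITELIST += "CVE-2018-1121"` line carries less of the rationale than the commit message does: it says only that 'ps' isn't suitable as a security tool and defers the rest to a Bugzilla URL. Suggest stating in the recipe comment that the CVE concerns race conditions in 'ps' that are considered unavoidable, so the reason for suppressing the finding is readable from the recipe itself if the link stops resolving. Worth noting in the same comment that the entry silences this CVE in cve-check output for the whole procps recipe, so anyone auditing the report for this branch knows the omission is deliberate.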
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.