[oe-commits] [openembedded-core] 21/29: systemd: Whitelist CVE-2018-21029 CVE-2019-3843 CVE-2019-3844
git at git.openembedded.org
git at git.openembedded.org
Tue Jan 28 11:52:03 UTC 2020
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch warrior
in repository openembedded-core.
commit d328696acfd4967d19e32680033d9594dd00b92c
Author: Adrian Bunk <bunk at stusta.de>
AuthorDate: Fri Jan 17 18:58:13 2020 +0200
systemd: Whitelist CVE-2018-21029 CVE-2019-3843 CVE-2019-3844
One does not strictly apply to 241, for the other two a fix
was already backported to the 241 branch.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-core/systemd/systemd.inc | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc
index 2b9c291..cb41ac5 100644
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -14,6 +14,13 @@ LICENSE = "GPLv2 & LGPLv2.1"
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
+# DNSOverTLS strict mode was added in 243
+# https://github.com/systemd/systemd/issues/9397
+CVE_CHECK_WHITELIST += "CVE-2018-21029"
+
+# Commit dc903ec516cb on the 241 branch
+CVE_CHECK_WHITELIST += "CVE-2019-3843 CVE-2019-3844"
+
SRCREV = "511646b8ac5c82f210b16920044465756913d238"
SRCBRANCH = "v241-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list