[OE-core] [PATCH] lz4: Whitelist CVE-2014-4715
Adrian Bunk
bunk at stusta.de
Mon Nov 4 20:55:04 UTC 2019
Signed-off-by: Adrian Bunk <bunk at stusta.de>
---
meta/recipes-support/lz4/lz4_1.9.2.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-support/lz4/lz4_1.9.2.bb b/meta/recipes-support/lz4/lz4_1.9.2.bb
index f0a8416a96..ed4452c82e 100644
--- a/meta/recipes-support/lz4/lz4_1.9.2.bb
+++ b/meta/recipes-support/lz4/lz4_1.9.2.bb
@@ -18,6 +18,9 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
S = "${WORKDIR}/git"
+# Fixed in r118, which is larger than the current version.
+CVE_CHECK_WHITELIST += "CVE-2014-4715"
+
EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}"
do_install() {
--
2.17.1
More information about the Openembedded-core
mailing list