[OE-core] [PATCH] bind: Whitelist CVE-2019-6470
Adrian Bunk
bunk at stusta.de
Wed Nov 13 08:19:14 UTC 2019
Signed-off-by: Adrian Bunk <bunk at stusta.de>
---
meta/recipes-connectivity/bind/bind_9.11.5-P4.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb b/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb
index 3e2412dfa4..0a52a66144 100644
--- a/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb
+++ b/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb
@@ -37,6 +37,9 @@ UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4
UPSTREAM_CHECK_REGEX = "(?P<pver>9.(11|16|20|24|28)(\.\d+)+(-P\d+)*)/"
+# Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later
+CVE_CHECK_WHITELIST += "CVE-2019-6470"
+
inherit autotools update-rc.d systemd useradd pkgconfig multilib_script
MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh"
--
2.17.1
More information about the Openembedded-core
mailing list