[OE-core] [zeus 01/35] lz4: Whitelist CVE-2014-4715
Armin Kuster
akuster808 at gmail.com
Sun Nov 24 23:50:06 UTC 2019
From: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
---
meta/recipes-support/lz4/lz4_1.9.2.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-support/lz4/lz4_1.9.2.bb b/meta/recipes-support/lz4/lz4_1.9.2.bb
index f0a8416..ed4452c 100644
--- a/meta/recipes-support/lz4/lz4_1.9.2.bb
+++ b/meta/recipes-support/lz4/lz4_1.9.2.bb
@@ -18,6 +18,9 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
S = "${WORKDIR}/git"
+# Fixed in r118, which is larger than the current version.
+CVE_CHECK_WHITELIST += "CVE-2014-4715"
+
EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}"
do_install() {
--
2.7.4
More information about the Openembedded-core
mailing list