[OE-core] [zeus 02/29] rsync: whitelist CVE-2017-16548
Armin Kuster
akuster808 at gmail.com
Sun Feb 9 16:09:30 UTC 2020
From: Lee Chee Yang <chee.yang.lee at intel.com>
patch for this CVE applies to v3.1.3pre1 not for v3.1.3.
patch already in v3.1.3.
see
https://git.samba.org/rsync.git/?p=rsync.git;a=commitdiff;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hp=bc112b0e7feece62ce98708092306639a8a53cce
(From OE-Core rev: 1e2739c821312527010fb0afbde5a20cd3f03d24)
Signed-off-by: Lee Chee Yang <chee.yang.lee at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/rsync/rsync_3.1.3.bb b/meta/recipes-devtools/rsync/rsync_3.1.3.bb
index ffb1d061c0..152ff02a25 100644
--- a/meta/recipes-devtools/rsync/rsync_3.1.3.bb
+++ b/meta/recipes-devtools/rsync/rsync_3.1.3.bb
@@ -20,6 +20,9 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \
SRC_URI[md5sum] = "1581a588fde9d89f6bc6201e8129afaf"
SRC_URI[sha256sum] = "55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0"
+# -16548 required for v3.1.3pre1. Already in v3.1.3.
+CVE_CHECK_WHITELIST += " CVE-2017-16548 "
+
inherit autotools
PACKAGECONFIG ??= "acl attr \
--
2.17.1
More information about the Openembedded-core
mailing list