[OE-core] [warrior][PATCH] lz4: Whitelist CVE-2014-4715
Adrian Bunk
bunk at stusta.de
Fri Jan 17 17:14:35 UTC 2020
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
---
meta/recipes-support/lz4/lz4_1.8.3.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-support/lz4/lz4_1.8.3.bb b/meta/recipes-support/lz4/lz4_1.8.3.bb
index 125836f7bf..605e148d81 100644
--- a/meta/recipes-support/lz4/lz4_1.8.3.bb
+++ b/meta/recipes-support/lz4/lz4_1.8.3.bb
@@ -18,6 +18,9 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
S = "${WORKDIR}/git"
+# Fixed in r118, which is larger than the current version.
+CVE_CHECK_WHITELIST += "CVE-2014-4715"
+
EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}"
do_install() {
--
2.17.1
More information about the Openembedded-core
mailing list