[OE-core] [PATCH 2/2] rsync: whitelist CVE-2017-16548
chee.yang.lee at intel.com
chee.yang.lee at intel.com
Tue Jan 21 05:26:47 UTC 2020
From: Lee Chee Yang <chee.yang.lee at intel.com>
patch for this CVE applies to v3.1.3pre1 not for v3.1.3.
patch already in v3.1.3.
see
https://git.samba.org/rsync.git/?p=rsync.git;a=commitdiff;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hp=bc112b0e7feece62ce98708092306639a8a53cce
Signed-off-by: Lee Chee Yang <chee.yang.lee at intel.com>
---
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/rsync/rsync_3.1.3.bb b/meta/recipes-devtools/rsync/rsync_3.1.3.bb
index ffb1d06..152ff02 100644
--- a/meta/recipes-devtools/rsync/rsync_3.1.3.bb
+++ b/meta/recipes-devtools/rsync/rsync_3.1.3.bb
@@ -20,6 +20,9 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \
SRC_URI[md5sum] = "1581a588fde9d89f6bc6201e8129afaf"
SRC_URI[sha256sum] = "55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0"
+# -16548 required for v3.1.3pre1. Already in v3.1.3.
+CVE_CHECK_WHITELIST += " CVE-2017-16548 "
+
inherit autotools
PACKAGECONFIG ??= "acl attr \
--
2.7.4
More information about the Openembedded-core
mailing list