[OE-core] [warrior 19/29] lz4: Whitelist CVE-2014-4715
Armin Kuster
akuster808 at gmail.com
Sun Jan 26 16:24:44 UTC 2020
From: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
---
meta/recipes-support/lz4/lz4_1.8.3.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-support/lz4/lz4_1.8.3.bb b/meta/recipes-support/lz4/lz4_1.8.3.bb
index 125836f7bf..605e148d81 100644
--- a/meta/recipes-support/lz4/lz4_1.8.3.bb
+++ b/meta/recipes-support/lz4/lz4_1.8.3.bb
@@ -18,6 +18,9 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
S = "${WORKDIR}/git"
+# Fixed in r118, which is larger than the current version.
+CVE_CHECK_WHITELIST += "CVE-2014-4715"
+
EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}"
do_install() {
--
2.17.1
More information about the Openembedded-core
mailing list