diff options
author | 2016-11-04 11:06:31 +0000 | |
---|---|---|
committer | 2016-11-15 15:18:48 +0000 | |
commit | b881a288eec598002685f68da80a24e0478fa496 (patch) | |
tree | 5252f43b1832f6fb8491ece5a4955e40699bb1da /.templateconf | |
parent | b5a036ce958e3fe24690531712071abc14b48033 (diff) | |
download | openembedded-core-contrib-b881a288eec598002685f68da80a24e0478fa496.tar.gz |
cve-check.bbclass: CVE-2014-2524 / readline v5.2
Contrary to the CVE report, the vulnerable trace functions
don't exist in readline v5.2 (which we keep for GPLv2+
purposes), they were added in readline v6.0 only - let's
whitelist that CVE in order to avoid false positives.
See also the discussion in
https://patchwork.openembedded.org/patch/81765/
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to '.templateconf')
0 files changed, 0 insertions, 0 deletions