summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdrian Bunk <bunk@stusta.de>2019-12-05 23:42:27 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-12-09 11:56:41 +0000
commit492d43296b15514ec72dfb15f37c6d2ab1fbbae3 (patch)
tree969a8ad9af5ac7ce52805f431fdcbf7fc7d51bdd
parent0406dd71964fca391b57f7bf43a7f37f6549fa15 (diff)
downloadopenembedded-core-contrib-492d43296b15514ec72dfb15f37c6d2ab1fbbae3.tar.gz
openembedded-core-contrib-492d43296b15514ec72dfb15f37c6d2ab1fbbae3.tar.bz2
openembedded-core-contrib-492d43296b15514ec72dfb15f37c6d2ab1fbbae3.zip
openssl: Whitelist CVE-2019-0190
This is only a problem with older Apache versions. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.1.1d.bb4
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
index 8819e19ec4..f653e05acc 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
@@ -202,3 +202,7 @@ RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash"
BBCLASSEXTEND = "native nativesdk"
CVE_PRODUCT = "openssl:openssl"
+
+# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
+# Apache in meta-webserver is already recent enough
+CVE_CHECK_WHITELIST += "CVE-2019-0190"