aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-10 16:40:11 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-11 11:53:23 +0100
commit23643016f3b8794db772e333ff0b8f598571b628 (patch)
tree7793c34a1984ba170765f12401ec749a2ffeb14b
parent1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb (diff)
downloadopenembedded-core-contrib-23643016f3b8794db772e333ff0b8f598571b628.tar.gz
openembedded-core-contrib-23643016f3b8794db772e333ff0b8f598571b628.tar.bz2
openembedded-core-contrib-23643016f3b8794db772e333ff0b8f598571b628.zip
logrotate: Exclude CVE-2011-1548,1549,1550 from cve-check
These CVEs apply to the way logrotate was installed on Gentoo, Debian and SUSE, exclude from cve-check as they don't apply to OE. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-extended/logrotate/logrotate_3.18.0.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-extended/logrotate/logrotate_3.18.0.bb b/meta/recipes-extended/logrotate/logrotate_3.18.0.bb
index 55684ac9fb..c2115e7142 100644
--- a/meta/recipes-extended/logrotate/logrotate_3.18.0.bb
+++ b/meta/recipes-extended/logrotate/logrotate_3.18.0.bb
@@ -21,6 +21,9 @@ SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz
SRC_URI[sha256sum] = "841f81bf09d0014e4a2e11af166bb33fcd8429cc0c2d4a7d3d9ceb3858cfccc5"
+# These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used
+CVE_CHECK_WHITELIST += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550"
+
PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}"
PACKAGECONFIG[acl] = ",,acl"