diff options
author | Adrian Bunk <bunk@stusta.de> | 2019-12-05 23:42:27 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-12-31 10:36:31 +0000 |
commit | 9c693dbc0107241613f6ff694046592057c9b377 (patch) | |
tree | 3efa157bedab0c93002db11104b8af8005cb4d0e | |
parent | 66c428a676acd4dd2c7c7589ac651faef77c1323 (diff) | |
download | openembedded-core-9c693dbc0107241613f6ff694046592057c9b377.tar.gz |
openssl: Whitelist CVE-2019-0190
This is only a problem with older Apache versions.
(From OE-Core rev: 492d43296b15514ec72dfb15f37c6d2ab1fbbae3)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_1.1.1d.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb index 9fe80e5fd2..458ae7daf4 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb @@ -203,3 +203,7 @@ RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" BBCLASSEXTEND = "native nativesdk" CVE_PRODUCT = "openssl:openssl" + +# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 +# Apache in meta-webserver is already recent enough +CVE_CHECK_WHITELIST += "CVE-2019-0190" |