From f81318a4f87dbb9c9f9e0e24e68163fb797930bb Mon Sep 17 00:00:00 2001 From: Saloni Jain Date: Sat, 1 May 2021 21:23:36 -0400 Subject: fuse: Whitelisted CVE-2019-14860 CVE-2019-14860 is a REDHAT specific issue and was addressed for REDHAT Fuse products on Red Hat Fuse 7.4.1 and Red Hat Fuse 7.5.0. REDHAT has also released the fix and updated their security advisories after significant releases. Hence, whitelisted the CVE-2019-14860. Link: https://access.redhat.com/security/cve/cve-2019-14860 Link: https://access.redhat.com/errata/RHSA-2019:3244 Link: https://access.redhat.com/errata/RHSA-2019:3892 Signed-off-by: Armin Kuster --- meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb index 95e870691c..49682b3cd4 100644 --- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb +++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb @@ -19,6 +19,11 @@ SRC_URI = "https://github.com/libfuse/libfuse/releases/download/${BP}/${BP}.tar. SRC_URI[md5sum] = "8000410aadc9231fd48495f7642f3312" SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7c1b4b5" +# CVE-2019-14860 is a REDHAT specific issue and was addressed for REDHAT Fuse products on Red Hat Fuse 7.4.1 and Red Hat Fuse 7.5.0. +# REDHAT has also released the fix and updated their security advisories after significant releases. +CVE_PRODUCT = "fuse" +CVE_CHECK_WHITELIST += "CVE-2019-14860" + UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases" UPSTREAM_CHECK_REGEX = "fuse\-(?P2(\.\d+)+).tar.gz" -- cgit 1.2.3-korg