summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-09-03 10:17:58 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-09-03 10:18:00 +0100
commitadf7bafee3f8884e525b5639ba092a1cd8e3beb9 (patch)
tree27a9d9fdc0b31e5ec411190e8eb279565db57897
parent2475ce68f0bc1f342c75364dfcfaf7f30499badf (diff)
downloadopenembedded-core-contrib-adf7bafee3f8884e525b5639ba092a1cd8e3beb9.tar.gz
tcl: Exclude CVE-2021-35331 from checks
Upstream don't believe this is an issue. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/tcltk/tcl_8.6.11.bb4
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
index 1e91f0827e..cb9e486698 100644
--- a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
+++ b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
@@ -29,6 +29,10 @@ SRC_URI[sha256sum] = "cfb49aab82bd179651e23eeeb69606f51b0ddc575ca55c3d35e2457469
SRC_URI:class-native = "${BASE_SRC_URI}"
+# Upstream don't believe this is an exploitable issue
+# https://core.tcl-lang.org/tcl/info/7079e4f91601e9c7
+CVE_CHECK_WHITELIST += "CVE-2021-35331"
+
UPSTREAM_CHECK_REGEX = "tcl(?P<pver>\d+(\.\d+)+)-src"
S = "${WORKDIR}/${BPN}${PV}"