summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-09-03 10:17:58 +0100
committerAnuj Mittal <anuj.mittal@intel.com>2021-09-15 10:15:07 +0800
commitd0ff86bccdbcd91e8760001037168043725ef8f4 (patch)
treec80ebb71b0102451dbcfbdc88ed68147235f5f88
parentbe18e566413efef12dc2488ab186f397d1dacda9 (diff)
downloadopenembedded-core-contrib-d0ff86bccdbcd91e8760001037168043725ef8f4.tar.gz
tcl: Exclude CVE-2021-35331 from checks
Upstream don't believe this is an issue. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit adf7bafee3f8884e525b5639ba092a1cd8e3beb9) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-rw-r--r--meta/recipes-devtools/tcltk/tcl_8.6.11.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
index efb36b32dd..a993d7c959 100644
--- a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
+++ b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
@@ -30,6 +30,9 @@ SRC_URI[sha256sum] = "8c0486668586672c5693d7d95817cb05a18c5ecca2f40e2836b9578064
SRC_URI_class-native = "${BASE_SRC_URI}"
S = "${WORKDIR}/${BPN}${PV}/unix"
+# Upstream don't believe this is an exploitable issue
+# https://core.tcl-lang.org/tcl/info/7079e4f91601e9c7
+CVE_CHECK_WHITELIST += "CVE-2021-35331"
PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/${BPN}${PV}"
VER = "${PV}"