summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRobert Joslyn <robert.joslyn@redrectangle.org>2021-01-17 10:42:33 -0800
committerSteve Sakoman <steve@sakoman.com>2021-01-19 04:22:10 -1000
commit897822233faef0f8f35dc1d8a39e1c4bc0550f1e (patch)
treeaac7bf1f3656f0738908fda3060212e4b494a72d
parent872342a37d6159844fcb8d9f0cbf37f011643195 (diff)
downloadopenembedded-core-897822233faef0f8f35dc1d8a39e1c4bc0550f1e.tar.gz
openembedded-core-897822233faef0f8f35dc1d8a39e1c4bc0550f1e.tar.bz2
openembedded-core-897822233faef0f8f35dc1d8a39e1c4bc0550f1e.zip
ppp: Whitelist CVE-2020-15704
This CVE only applies to the load_ppp_generic_if_needed patch applied by Ubuntu. This patch is not used by OpenEmbedded, so the CVE does not apply. Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-connectivity/ppp/ppp_2.4.7.bb4
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
index 60c56dd0bd..76c1cc62a7 100644
--- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
+++ b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
@@ -42,6 +42,10 @@ SRC_URI_append_libc-musl = "\
SRC_URI[md5sum] = "78818f40e6d33a1d1de68a1551f6595a"
SRC_URI[sha256sum] = "02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30"
+# This CVE is specific to a patch applied by Ubuntu that is not used by
+# OpenEmbedded.
+CVE_CHECK_WHITELIST += "CVE-2020-15704"
+
inherit autotools-brokensep systemd
TARGET_CC_ARCH += " ${LDFLAGS}"