qemu: Exclude CVE-2007-0998 from cve-check

The CVE applies to the built-in VNC server but we don't enable this by default. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-10 12:42:25 +0100
committer: Steve Sakoman <steve@sakoman.com> 2021-05-14 07:16:37 -1000
commit: f0e0787265d9d8bd01629f2b56a0eb57d950c037 (patch)
tree: c10b7f124aa4a304291b891b872f2e6ca191c0bf
parent: 559ed3e62e542b7a4456a9a4eef8742ce8521dfb (diff)
download: openembedded-core-f0e0787265d9d8bd01629f2b56a0eb57d950c037.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 86abd5ea49..396ff1c5eb 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -64,6 +64,10 @@ SRC_URI[sha256sum] = "d3481d4108ce211a053ef15be69af1bdd9dde1510fda80d92be0f6c3e9
 # Applies against virglrender < 0.6.0 and not qemu itself
 CVE_CHECK_WHITELIST += "CVE-2017-5957"
 
+# The VNC server can expose host files uder some circumstances. We don't
+# enable it by default.
+CVE_CHECK_WHITELIST += "CVE-2007-0998"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-10 12:42:25 +0100
committer	Steve Sakoman <steve@sakoman.com>	2021-05-14 07:16:37 -1000
commit	f0e0787265d9d8bd01629f2b56a0eb57d950c037 (patch)
tree	c10b7f124aa4a304291b891b872f2e6ca191c0bf
parent	559ed3e62e542b7a4456a9a4eef8742ce8521dfb (diff)
download	openembedded-core-f0e0787265d9d8bd01629f2b56a0eb57d950c037.tar.gz