summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core
diff options
context:
space:
mode:
authorAdrian Bunk <bunk@stusta.de>2020-01-17 18:58:13 +0200
committerArmin Kuster <akuster808@gmail.com>2020-01-22 18:24:38 -0800
commitd328696acfd4967d19e32680033d9594dd00b92c (patch)
tree3b6390129b3514b1d8a4bc22aaef989ab94daa51 /meta/recipes-core
parent7c51ca8538f228d98a4b3411a15fde83516c0419 (diff)
downloadopenembedded-core-d328696acfd4967d19e32680033d9594dd00b92c.tar.gz
systemd: Whitelist CVE-2018-21029 CVE-2019-3843 CVE-2019-3844
One does not strictly apply to 241, for the other two a fix was already backported to the 241 branch. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-core')
-rw-r--r--meta/recipes-core/systemd/systemd.inc7
1 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc
index 2b9c291959..cb41ac5b22 100644
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -14,6 +14,13 @@ LICENSE = "GPLv2 & LGPLv2.1"
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
+# DNSOverTLS strict mode was added in 243
+# https://github.com/systemd/systemd/issues/9397
+CVE_CHECK_WHITELIST += "CVE-2018-21029"
+
+# Commit dc903ec516cb on the 241 branch
+CVE_CHECK_WHITELIST += "CVE-2019-3843 CVE-2019-3844"
+
SRCREV = "511646b8ac5c82f210b16920044465756913d238"
SRCBRANCH = "v241-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}"