]> code.ossystems Code Review - openembedded-core.git/commitdiff
Code Review / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: d8df880)
qemu: Exclude CVE-2007-0998 from cve-check
authorRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 10 May 2021 11:42:25 +0000 (12:42 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 22 May 2021 09:00:45 +0000 (10:00 +0100)
The CVE applies to the built-in VNC server but we don't enable this by default.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/qemu/qemu.inc patch | blob | history

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index e1c1bfdbfe5ba5a4bdb27e1463c5d1f2dfe538dc..c56f341a5e160b8bd7d475268f7e5d73ac3de832 100644 (file)
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -68,6 +68,10 @@ SRC_URI_append_class-nativesdk = " file://cross.patch"
 # Applies against virglrender < 0.6.0 and not qemu itself
 CVE_CHECK_WHITELIST += "CVE-2017-5957"
 
+# The VNC server can expose host files uder some circumstances. We don't
+# enable it by default.
+CVE_CHECK_WHITELIST += "CVE-2007-0998"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"
 
Mirror of the official openembedded-core repository