]> code.ossystems Code Review - openembedded-core.git/commitdiff
Code Review / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 107987b)
qemu: Exclude CVE-2017-5957 from cve-check
authorRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 10 May 2021 11:17:15 +0000 (12:17 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 11 May 2021 10:53:23 +0000 (11:53 +0100)
The CVE applies to virglrender before 0.6.0 which we don't have.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/qemu/qemu.inc patch | blob | history

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 384b0c19b0a116bfd561f05fdb47ef0eedda4040..e210f38cfe060a258627e9a98292b0dfaf21d4be 100644 (file)
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -65,6 +65,9 @@ SRC_URI[sha256sum] = "cb18d889b628fbe637672b0326789d9b0e3b8027e0445b936537c78549
 SRC_URI_append_class-target = " file://cross.patch"
 SRC_URI_append_class-nativesdk = " file://cross.patch"
 
+# Applies against virglrender < 0.6.0 and not qemu itself
+CVE_CHECK_WHITELIST += "CVE-2017-5957"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"
 
Mirror of the official openembedded-core repository