]> code.ossystems Code Review - openembedded-core.git/commitdiff
Code Review / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 8292967)
bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-check
authorRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 11 May 2021 12:47:54 +0000 (13:47 +0100)
committerSteve Sakoman <steve@sakoman.com>
Fri, 14 May 2021 17:16:38 +0000 (07:16 -1000)
These CVEs are fixed with kernel changes and don't affect the bluez recipe.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 658902477840ea34d414083c4c79616bf5e999a2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-connectivity/bluez5/bluez5_5.55.bb patch | blob | history

diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.55.bb b/meta/recipes-connectivity/bluez5/bluez5_5.55.bb
index 819092456216d02932046e32954bae8c5a105a45..e5353bd81598618bbe8f1a85c7681fc0eef207f5 100644 (file)
--- a/meta/recipes-connectivity/bluez5/bluez5_5.55.bb
+++ b/meta/recipes-connectivity/bluez5/bluez5_5.55.bb
@@ -3,6 +3,9 @@ require bluez5.inc
 SRC_URI[md5sum] = "94972b8bc7ade60c72b0ffa6ccff2c0a"
 SRC_URI[sha256sum] = "8863717113c4897e2ad3271fc808ea245319e6fd95eed2e934fae8e0894e9b88"
 
+# These issues have kernel fixes rather than bluez fixes so exclude here
+CVE_CHECK_WHITELIST += "CVE-2020-12352 CVE-2020-24490"
+
 # noinst programs in Makefile.tools that are conditional on READLINE
 # support
 NOINST_TOOLS_READLINE ?= " \
Mirror of the official openembedded-core repository