From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Wed, 12 May 2021 22:28:54 +0000 (+0100)
Subject: rpm: Exclude CVE-2021-20271 from cve-check
X-Git-Tag: uninative-3.2~93
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=117feb358c81b6b852dee24268eac0a1a47c1701;p=openembedded-core.git

rpm: Exclude CVE-2021-20271 from cve-check

This is included in the release we have, it was the reason for the last rpm
point release.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
index 7c03b41fc8..2857cd730c 100644
--- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
@@ -47,6 +47,10 @@ SRCREV = "3659b8a04f5b8bacf6535e0124e7fe23f15286bd"
 
 S = "${WORKDIR}/git"
 
+# Fix https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21
+# included in 4.16.1.3
+CVE_CHECK_WHIETLIST += "CVE-2021-20271"
+
 DEPENDS = "libgcrypt db file popt xz bzip2 elfutils python3"
 DEPENDS_append_class-native = " file-replacement-native bzip2-replacement-native"