From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Sun, 20 Dec 2020 23:55:12 +0000 (+0000)
Subject: cups: Mark CVE-2009-0032 as a non-issue
X-Git-Tag: uninative-2.10~417
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=5f7cb9f6ec4b14f992d265b8c67a9f5589f9b842;p=openembedded-core.git

cups: Mark CVE-2009-0032 as a non-issue

The CVE was against a cups plugin which is obsolete and we don't include.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index df8d4d284a..91e73d75e4 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -20,6 +20,8 @@ SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.t
 UPSTREAM_CHECK_URI = "https://github.com/apple/cups/releases"
 UPSTREAM_CHECK_REGEX = "cups-(?P<pver>\d+\.\d+(\.\d+)?)-source.tar"
 
+# Issue affects pdfdistiller plugin used with but not part of cups
+CVE_CHECK_WHITELIST += "CVE-2009-0032"
 # This is an Ubuntu only issue.
 CVE_CHECK_WHITELIST += "CVE-2018-6553"