From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Thu, 9 Dec 2021 00:12:12 +0000 (+0000)
Subject: gcc: Add CVE-2021-37322 to the list of CVEs to ignore
X-Git-Tag: 2021-04.5-hardknott~96
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=86e9e812f4ec61a4430658b7c06852a32ca8abb1;p=openembedded-core.git

gcc: Add CVE-2021-37322 to the list of CVEs to ignore

The CVE applies to binutils 2.26 and not to gcc so ignore there.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fea2726663a3db03170c49fceaffc632c509aeea)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---

diff --git a/meta/recipes-devtools/gcc/gcc-10.2.inc b/meta/recipes-devtools/gcc/gcc-10.2.inc
index 248e002106..5626bf20f0 100644
--- a/meta/recipes-devtools/gcc/gcc-10.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-10.2.inc
@@ -122,3 +122,6 @@ EXTRA_OECONF_PATHS = "\
     --with-sysroot=/not/exist \
     --with-build-sysroot=${STAGING_DIR_TARGET} \
 "
+
+# Is a binutils 2.26 issue, not gcc
+CVE_CHECK_WHITELIST += "CVE-2021-37322"