From: Adrian Bunk <bunk@stusta.de>
Date: Thu, 5 Dec 2019 21:42:27 +0000 (+0200)
Subject: openssl: Whitelist CVE-2019-0190
X-Git-Tag: 2019-10.2-zeus~85
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=9c693dbc0107241613f6ff694046592057c9b377;p=openembedded-core.git

openssl: Whitelist CVE-2019-0190

This is only a problem with older Apache versions.

(From OE-Core rev: 492d43296b15514ec72dfb15f37c6d2ab1fbbae3)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
index 9fe80e5fd2..458ae7daf4 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb
@@ -203,3 +203,7 @@ RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash"
 BBCLASSEXTEND = "native nativesdk"
 
 CVE_PRODUCT = "openssl:openssl"
+
+# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
+# Apache in meta-webserver is already recent enough
+CVE_CHECK_WHITELIST += "CVE-2019-0190"