From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Mon, 10 May 2021 11:42:25 +0000 (+0100)
Subject: qemu: Exclude CVE-2007-0998 from cve-check
X-Git-Tag: uninative-3.2~117
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6;p=openembedded-core.git

qemu: Exclude CVE-2007-0998 from cve-check

The CVE applies to the built-in VNC server but we don't enable this by default.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index e210f38cfe..32be057d0e 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -68,6 +68,10 @@ SRC_URI_append_class-nativesdk = " file://cross.patch"
 # Applies against virglrender < 0.6.0 and not qemu itself
 CVE_CHECK_WHITELIST += "CVE-2017-5957"
 
+# The VNC server can expose host files uder some circumstances. We don't
+# enable it by default.
+CVE_CHECK_WHITELIST += "CVE-2007-0998"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"