[meta-oe][master][kirkstone][PATCH] libplist: ignore patched CVEs


Davide Gardenal
 

CVE-2017-5834, CVE-2017-5835 and CVE-2017-5836 are patched in our
version of libplist but they don't have a vulnerable version range in
the NVD database, that's why they need to be ignored.

Signed-off-by: Davide Gardenal <davide.gardenal@...>
---
meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb b/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb
index db4f507b7..daaff0039 100644
--- a/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb
+++ b/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb
@@ -13,6 +13,12 @@ SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https;branch=mast

S = "${WORKDIR}/git"

+CVE_CHECK_IGNORE += "\
+ CVE-2017-5834 \
+ CVE-2017-5835 \
+ CVE-2017-5836 \
+"
+
do_install:append () {
if [ -e ${D}${libdir}/python*/site-packages/plist/_plist.so ]; then
chrpath -d ${D}${libdir}/python*/site-packages/plist/_plist.so
--
2.34.1

Join openembedded-devel@lists.openembedded.org to automatically receive all group messages.