[meta-oe][master][PATCH] openjpeg: ignore CVE-2015-1239


Davide Gardenal
 

This CVE is patched in our version of openjpeg. The NVD database doesn't
include a version range this is why it's still reported.

Signed-off-by: Davide Gardenal <davide.gardenal@...>
---
meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb
index c71e53564..379165718 100644
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb
+++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb
@@ -11,6 +11,10 @@ SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https
SRCREV = "a5891555eb49ed7cc26b2901ea680acda136d811"
S = "${WORKDIR}/git"

+CVE_CHECK_IGNORE += "\
+ CVE-2015-1239 \
+"
+
inherit cmake

# for multilib
--
2.34.1

Join openembedded-devel@lists.openembedded.org to automatically receive all group messages.