[OE-core] [PATCH 1/3] rpm: Exclude CVE-2021-20271 from cve-check

Richard Purdie Wed, 12 May 2021 15:49:31 -0700

This is included in the release we have, it was the reason for the last rpm
point release.


Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
---
 meta/recipes-devtools/rpm/rpm_4.16.1.3.bb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb 
b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
index 7c03b41fc82..2857cd730c4 100644
--- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
@@ -47,6 +47,10 @@ SRCREV = "3659b8a04f5b8bacf6535e0124e7fe23f15286bd"
 
 S = "${WORKDIR}/git"
 
+# Fix 
https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21
+# included in 4.16.1.3
+CVE_CHECK_WHIETLIST += "CVE-2021-20271"
+
 DEPENDS = "libgcrypt db file popt xz bzip2 elfutils python3"
 DEPENDS_append_class-native = " file-replacement-native 
bzip2-replacement-native"
 
-- 
2.30.2

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#151684): 
https://lists.openembedded.org/g/openembedded-core/message/151684
Mute This Topic: https://lists.openembedded.org/mt/82786022/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/3] rpm: Exclude CVE-2021-20271 from cve-check

Reply via email to