[OE-core] [PATCH] rpm: Exclude CVE-2021-20266 from cve-check

Richard Purdie Mon, 17 May 2021 02:49:03 -0700

This is included in the release we have, it was the reason for the last rpm
point release.


Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
---
 meta/recipes-devtools/rpm/rpm_4.16.1.3.bb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb 
b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
index 2857cd730c4..760adab02b5 100644
--- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
@@ -51,6 +51,10 @@ S = "${WORKDIR}/git"
 # included in 4.16.1.3
 CVE_CHECK_WHIETLIST += "CVE-2021-20271"
 
+# Fix 
https://github.com/rpm-software-management/rpm/commit/2e21a178fcc76565c09ed3a28624ca8aeda1880a
+# included in 4.16.1.3
+CVE_CHECK_WHIETLIST += "CVE-2021-20266"
+
 DEPENDS = "libgcrypt db file popt xz bzip2 elfutils python3"
 DEPENDS_append_class-native = " file-replacement-native 
bzip2-replacement-native"
 
-- 
2.30.2

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#151907): 
https://lists.openembedded.org/g/openembedded-core/message/151907
Mute This Topic: https://lists.openembedded.org/mt/82882772/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] rpm: Exclude CVE-2021-20266 from cve-check

Reply via email to