Saloni, Thanks for the CVE cleanup.
On 9/13/21 5:45 AM, Saloni Jain wrote: 
> From: Saloni Jain <salo...@kpit.com>
>
> Below CVE affects only Oracle Berkeley DB as per upstream.
> Hence, whitelisted them.

This situation will happen more frequently than one thinks, including with the mariadb recipe. I wonder if a "${PN}_cve_exclude.inc" like scheme may help keep the recipe from getting hard to read if the listing gets out of control?

- Armin

>
> 1. CVE-2015-2583
> Link: https://security-tracker.debian.org/tracker/CVE-2015-2583
> 2. CVE-2015-2624
> Link: https://security-tracker.debian.org/tracker/CVE-2015-2624
> 3. CVE-2015-2626
> Link: https://security-tracker.debian.org/tracker/CVE-2015-2626
> 4. CVE-2015-2640
> Link: https://security-tracker.debian.org/tracker/CVE-2015-2640
> 5. CVE-2015-2654
> Link: https://security-tracker.debian.org/tracker/CVE-2015-2654
> 6. CVE-2015-2656
> Link: https://security-tracker.debian.org/tracker/CVE-2015-2656
> 7. CVE-2015-4754
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4754
> 8. CVE-2015-4764
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4764
> 9. CVE-2015-4774
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4774
> 10. CVE-2015-4775
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4775
> 11. CVE-2015-4776
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4776
> 12. CVE-2015-4777
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4777
> 13. CVE-2015-4778
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4778
> 14. CVE-2015-4779
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4779
> 15. CVE-2015-4780
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4780
> 16. CVE-2015-4781
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4781
> 17. CVE-2015-4782
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4782
> 18. CVE-2015-4783
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4783
> 19. CVE-2015-4784
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4784
> 20. CVE-2015-4785
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4785
> 21. CVE-2015-4786
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4786
> 22. CVE-2015-4787
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4787
> 23. CVE-2015-4788
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4788
> 24. CVE-2015-4789
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4789
> 25. CVE-2015-4790
> Link: https://security-tracker.debian.org/tracker/CVE-2015-4790
> 26. CVE-2016-0682
> Link: https://security-tracker.debian.org/tracker/CVE-2016-0682
> 27. CVE-2016-0689
> Link: https://security-tracker.debian.org/tracker/CVE-2016-0689
> 28. CVE-2016-0692
> Link: https://security-tracker.debian.org/tracker/CVE-2016-0692
> 29. CVE-2016-0694
> Link: https://security-tracker.debian.org/tracker/CVE-2016-0694
> 30. CVE-2016-3418
> Link: https://security-tracker.debian.org/tracker/CVE-2016-3418
> 31. CVE-2017-3604
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3604
> 32. CVE-2017-3605
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3605
> 33. CVE-2017-3606
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3606
> 34. CVE-2017-3607
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3607
> 35. CVE-2017-3608
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3608
> 36. CVE-2017-3609
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3609
> 37. CVE-2017-3610
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3610
> 38. CVE-2017-3611
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3611
> 39. CVE-2017-3612
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3612
> 40. CVE-2017-3613
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3613
> 41. CVE-2017-3614
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3614
> 42. CVE-2017-3615
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3615
> 43. CVE-2017-3616
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3616
> 44. CVE-2017-3617
> Link: https://security-tracker.debian.org/tracker/CVE-2017-3617
> 45. CVE-2020-2981
> Link: https://security-tracker.debian.org/tracker/CVE-2020-2981
>
> Signed-off-by: Saloni <jainsaloni0...@gmail.com>
> ---
> meta/recipes-support/db/db_5.3.28.bb | 92 ++++++++++++++++++++++++++++
> 1 file changed, 92 insertions(+)
>
> diff --git a/meta/recipes-support/db/db_5.3.28.bb > b/meta/recipes-support/db/db_5.3.28.bb > index b2ae98f05c..000e9ef468 100644 > --- a/meta/recipes-support/db/db_5.3.28.bb > +++ b/meta/recipes-support/db/db_5.3.28.bb 
> @@ -39,6 +39,98 @@ SRC_URI[sha256sum] = > "e0a992d740709892e81f9d93f06daf305cf73fb81b545afe7247804317 > > LIC_FILES_CHKSUM = "file://LICENSE;md5=ed1158e31437f4f87cdd4ab2b8613955" > > +# Below CVEs affects only Oracle Berkeley DB as per upstream. > +# https://security-tracker.debian.org/tracker/CVE-2015-2583 > +CVE_CHECK_WHITELIST += "CVE-2015-2583" > +# https://security-tracker.debian.org/tracker/CVE-2015-2624 > +CVE_CHECK_WHITELIST += "CVE-2015-2624" > +# https://security-tracker.debian.org/tracker/CVE-2015-2626 > +CVE_CHECK_WHITELIST += "CVE-2015-2626" > +# https://security-tracker.debian.org/tracker/CVE-2015-2640 > +CVE_CHECK_WHITELIST += "CVE-2015-2640" > +# https://security-tracker.debian.org/tracker/CVE-2015-2654 > +CVE_CHECK_WHITELIST += "CVE-2015-2654" > +# https://security-tracker.debian.org/tracker/CVE-2015-2656 > +CVE_CHECK_WHITELIST += "CVE-2015-2656" > +# https://security-tracker.debian.org/tracker/CVE-2015-4754 > +CVE_CHECK_WHITELIST += "CVE-2015-4754" > +# https://security-tracker.debian.org/tracker/CVE-2015-4764 > +CVE_CHECK_WHITELIST += "CVE-2015-4764" > +# https://security-tracker.debian.org/tracker/CVE-2015-4774 > +CVE_CHECK_WHITELIST += "CVE-2015-4774" > +# https://security-tracker.debian.org/tracker/CVE-2015-4775 > +CVE_CHECK_WHITELIST += "CVE-2015-4775" > +# https://security-tracker.debian.org/tracker/CVE-2015-4776 > +CVE_CHECK_WHITELIST += "CVE-2015-4776" > +# https://security-tracker.debian.org/tracker/CVE-2015-4777 > +CVE_CHECK_WHITELIST += "CVE-2015-4777" > +# https://security-tracker.debian.org/tracker/CVE-2015-4778 > +CVE_CHECK_WHITELIST += "CVE-2015-4778" > +# https://security-tracker.debian.org/tracker/CVE-2015-4779 > +CVE_CHECK_WHITELIST += "CVE-2015-4779" > +# https://security-tracker.debian.org/tracker/CVE-2015-4780 > +CVE_CHECK_WHITELIST += "CVE-2015-4780" > +# https://security-tracker.debian.org/tracker/CVE-2015-4781 > +CVE_CHECK_WHITELIST += "CVE-2015-4781" > +# https://security-tracker.debian.org/tracker/CVE-2015-4782 > 
+CVE_CHECK_WHITELIST += "CVE-2015-4782" > +# https://security-tracker.debian.org/tracker/CVE-2015-4783 > +CVE_CHECK_WHITELIST += "CVE-2015-4783" > +# https://security-tracker.debian.org/tracker/CVE-2015-4784 > +CVE_CHECK_WHITELIST += "CVE-2015-4784" > +# https://security-tracker.debian.org/tracker/CVE-2015-4785 > +CVE_CHECK_WHITELIST += "CVE-2015-4785" > +# https://security-tracker.debian.org/tracker/CVE-2015-4786 > +CVE_CHECK_WHITELIST += "CVE-2015-4786" > +# https://security-tracker.debian.org/tracker/CVE-2015-4787 > +CVE_CHECK_WHITELIST += "CVE-2015-4787" > +# https://security-tracker.debian.org/tracker/CVE-2015-4788 > +CVE_CHECK_WHITELIST += "CVE-2015-4788" > +# https://security-tracker.debian.org/tracker/CVE-2015-4789 > +CVE_CHECK_WHITELIST += "CVE-2015-4789" > +# https://security-tracker.debian.org/tracker/CVE-2015-4790 > +CVE_CHECK_WHITELIST += "CVE-2015-4790" > +# https://security-tracker.debian.org/tracker/CVE-2016-0682 > +CVE_CHECK_WHITELIST += "CVE-2016-0682" > +# https://security-tracker.debian.org/tracker/CVE-2016-0689 > +CVE_CHECK_WHITELIST += "CVE-2016-0689" > +# https://security-tracker.debian.org/tracker/CVE-2016-0692 > +CVE_CHECK_WHITELIST += "CVE-2016-0692" > +# https://security-tracker.debian.org/tracker/CVE-2016-0694 > +CVE_CHECK_WHITELIST += "CVE-2016-0694" > +# https://security-tracker.debian.org/tracker/CVE-2016-3418 > +CVE_CHECK_WHITELIST += "CVE-2016-3418" > +# https://security-tracker.debian.org/tracker/CVE-2017-3604 > +CVE_CHECK_WHITELIST += "CVE-2017-3604" > +# https://security-tracker.debian.org/tracker/CVE-2017-3605 > +CVE_CHECK_WHITELIST += "CVE-2017-3605" > +# https://security-tracker.debian.org/tracker/CVE-2017-3606 > +CVE_CHECK_WHITELIST += "CVE-2017-3606" > +# https://security-tracker.debian.org/tracker/CVE-2017-3607 > +CVE_CHECK_WHITELIST += "CVE-2017-3607" > +# https://security-tracker.debian.org/tracker/CVE-2017-3608 > +CVE_CHECK_WHITELIST += "CVE-2017-3608" > +# https://security-tracker.debian.org/tracker/CVE-2017-3609 > 
+CVE_CHECK_WHITELIST += "CVE-2017-3609" > +# https://security-tracker.debian.org/tracker/CVE-2017-3610 > +CVE_CHECK_WHITELIST += "CVE-2017-3610" > +# https://security-tracker.debian.org/tracker/CVE-2017-3611 > +CVE_CHECK_WHITELIST += "CVE-2017-3611" > +# https://security-tracker.debian.org/tracker/CVE-2017-3612 > +CVE_CHECK_WHITELIST += "CVE-2017-3612" > +# https://security-tracker.debian.org/tracker/CVE-2017-3613 > +CVE_CHECK_WHITELIST += "CVE-2017-3613" > +# https://security-tracker.debian.org/tracker/CVE-2017-3614 > +CVE_CHECK_WHITELIST += "CVE-2017-3614" > +# https://security-tracker.debian.org/tracker/CVE-2017-3615 > +CVE_CHECK_WHITELIST += "CVE-2017-3615" > +# https://security-tracker.debian.org/tracker/CVE-2017-3616 > +CVE_CHECK_WHITELIST += "CVE-2017-3616" > +# https://security-tracker.debian.org/tracker/CVE-2017-3617 > +CVE_CHECK_WHITELIST += "CVE-2017-3617" > +# https://security-tracker.debian.org/tracker/CVE-2020-2981 > +CVE_CHECK_WHITELIST += "CVE-2020-2981" > + > inherit autotools > > # The executables go in a separate package - typically there > > >
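Review bot: The rationale for all 45 entries is carried by the single comment "# Below CVEs affects only Oracle Berkeley DB as per upstream." at the top of the added block, and it applies to the entries only by position. Because each entry is its own `CVE_CHECK_WHITELIST +=` line with its own URL comment, a later unrelated whitelist line inserted anywhere in this run would silently inherit the "Oracle Berkeley DB only" justification. Consider one `CVE_CHECK_WHITELIST +=` assignment with line continuations directly under the rationale comment, or an include file as suggested in the reply, so that the reason and the list stay together and the 92 added lines shrink to roughly half. The tracker URLs differ from the entries only by the CVE id, so one comment naming the tracker base URL would carry the same information. The comment should also read "affect" rather than "affects".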