Message ID | 20221125123532.938920-1-u.oelmann@pengutronix.de |
---|---|
State | New |
Headers | show |
Series | [meta-java] jsch: switch to inclusive language | expand |
On 11/25/22 13:35, Ulrich Ölmann wrote: > Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> > --- > recipes-core/jcraft/jsch_0.1.40.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb > index 07d5b9e3108e..259712661f4d 100644 > --- a/recipes-core/jcraft/jsch_0.1.40.bb > +++ b/recipes-core/jcraft/jsch_0.1.40.bb > @@ -25,8 +25,8 @@ do_compile() { > SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566" > SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097" > > -# Whitelist the CVE because it only affects Windows platforms > -CVE_CHECK_WHITELIST += "CVE-2016-5725" > +# Ignore the CVE because it only affects Windows platforms > +CVE_CHECK_IGNORE += "CVE-2016-5725" > > BBCLASSEXTEND = "native" > Also your commit: 3161106f0879a6be0a016df3a8bb8fa800bd6044 openjdk-8: refresh patches seems to have *introduced* fuzz warnings, rather than fix any on master branch ... Jacob
Hi Jacob, On Fri, Nov 25 2022 at 14:57 +0100, "Jacob Kroon" <jacob.kroon@gmail.com> wrote: > On 11/25/22 13:35, Ulrich Ölmann wrote: >> Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> >> --- >> recipes-core/jcraft/jsch_0.1.40.bb | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> diff --git a/recipes-core/jcraft/jsch_0.1.40.bb >> b/recipes-core/jcraft/jsch_0.1.40.bb >> index 07d5b9e3108e..259712661f4d 100644 >> --- a/recipes-core/jcraft/jsch_0.1.40.bb >> +++ b/recipes-core/jcraft/jsch_0.1.40.bb >> @@ -25,8 +25,8 @@ do_compile() { >> SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566" >> SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097" >> -# Whitelist the CVE because it only affects Windows platforms >> -CVE_CHECK_WHITELIST += "CVE-2016-5725" >> +# Ignore the CVE because it only affects Windows platforms >> +CVE_CHECK_IGNORE += "CVE-2016-5725" >> BBCLASSEXTEND = "native" >> > > Also your commit: > > 3161106f0879a6be0a016df3a8bb8fa800bd6044 > openjdk-8: refresh patches > > seems to have *introduced* fuzz warnings, rather than fix any on master branch > ... after reading your hint, at first sight I felt ashamed seeing that my refreshed patches introduce fuzz warnings instead of fixing them as was intended by me. Looking more closely I then realized that before my commit 3161106f0879 ("openjdk-8: refresh patches") it was openjdk-8 where the patches did not apply cleanly (but openjdk-8-native where everything was okay) while after that commit it is exactly the other way round. Unfortunately I did not realize that when I stumbled across it originally, sigh. At the bottom line sadly my commit neither improved the overall situation nor did it worsen it. So: sorry for the noise! Best regards Ulrich > Jacob
diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb index 07d5b9e3108e..259712661f4d 100644 --- a/recipes-core/jcraft/jsch_0.1.40.bb +++ b/recipes-core/jcraft/jsch_0.1.40.bb @@ -25,8 +25,8 @@ do_compile() { SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566" SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097" -# Whitelist the CVE because it only affects Windows platforms -CVE_CHECK_WHITELIST += "CVE-2016-5725" +# Ignore the CVE because it only affects Windows platforms +CVE_CHECK_IGNORE += "CVE-2016-5725" BBCLASSEXTEND = "native"
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> --- recipes-core/jcraft/jsch_0.1.40.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)