Message ID | f35500a442d6a4564d52e23f9602a3f90a4ceee5.1650131192.git.steve@sakoman.com |
---|---|
State | Accepted, archived |
Commit | f35500a442d6a4564d52e23f9602a3f90a4ceee5 |
Headers | show |
Series | [dunfell,01/11] vim: Upgrade 8.2.4524 -> 8.2.4681 | expand |
On Sat, Apr 16, 2022 at 12:15 PM, Steve Sakoman wrote: > > CVE_CHECK_IGNORE Hi Steve, Is this variable CVE_CHECK_IGNORE valid in dunfell branch too? Because when I check with "bitbake -c cve_check git" it is still showing as Unpatched only. Thanks, Ranjitsinh Rathod
On Tue, May 17, 2022 at 1:09 AM Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com> wrote: > > On Sat, Apr 16, 2022 at 12:15 PM, Steve Sakoman wrote: > > CVE_CHECK_IGNORE > > Is this variable CVE_CHECK_IGNORE valid in dunfell branch too? > Because when I check with "bitbake -c cve_check git" it is still showing as Unpatched only. Arghh! I'm so sorry I missed this. Thanks for the "fix it" patch! Steve
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc index a89dd42e8b..ffbae145cf 100644 --- a/meta/recipes-devtools/git/git.inc +++ b/meta/recipes-devtools/git/git.inc @@ -20,6 +20,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1" CVE_PRODUCT = "git-scm:git" +# This is about a manpage not mentioning --mirror may "leak" information +# in mirrored git repos. Most OE users wouldn't build the docs and +# we don't see this as a major issue for our general users/usecases. +CVE_CHECK_IGNORE += "CVE-2022-24975" + PACKAGECONFIG ??= "" PACKAGECONFIG[cvsserver] = "" PACKAGECONFIG[svn] = ""