Message ID | 20220822143524.2755202-1-richard.purdie@linuxfoundation.org |
---|---|
State | Accepted, archived |
Commit | 28cd290cc70f2401da1f51d17a3533ce581afbca |
Headers | show |
Series | libtirpc: Mark CVE-2021-46828 as resolved | expand |
diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb b/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb index bd13f6e95e9..8c6c20733c9 100644 --- a/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb +++ b/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb @@ -14,6 +14,9 @@ UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/libtirpc/files/libtirpc/" UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)/" SRC_URI[sha256sum] = "6474e98851d9f6f33871957ddee9714fdcd9d8a5ee9abb5a98d63ea2e60e12f3" +# Was fixed in 1.3.3rc1 so not present in 1.3.3 +CVE_CHECK_IGNORE += "CVE-2021-46828" + inherit autotools pkgconfig EXTRA_OECONF = "--disable-gssapi"
This CVE only applied to pre 1.3.3rc1 and we're on 1.3.3 so we're sorted but the rc versions make the automated matching fail. Therefore handle manually. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> --- meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb | 3 +++ 1 file changed, 3 insertions(+)