smack: add 3 cves to allowlist

Submitted by Sekine Shigeki on June 18, 2021, 12:16 p.m. | Patch ID: 179892

Details

Message ID 20210618121650.4798-1-sekine.shigeki@fujitsu.com
State New
Headers show

Commit Message

Sekine Shigeki June 18, 2021, 12:16 p.m.
CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 are not for smack of smack-team(https://github.com/smack-team/smack) but other project.

Signed-off-by: Sekine Shigeki <sekine.shigeki@fujitsu.com>
---
 recipes-mac/smack/smack_1.3.1.bb | 5 +++++
 1 file changed, 5 insertions(+)

Patch hide | download patch | download mbox

diff --git a/recipes-mac/smack/smack_1.3.1.bb b/recipes-mac/smack/smack_1.3.1.bb
index b1ea4e9..6ae715e 100644
--- a/recipes-mac/smack/smack_1.3.1.bb
+++ b/recipes-mac/smack/smack_1.3.1.bb
@@ -13,6 +13,11 @@  SRC_URI = " \
 
 PV = "1.3.1"
 
+# CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 is valnerble for other product.
+CVE_CHECK_WHITELIST += "CVE-2014-0363"
+CVE_CHECK_WHITELIST += "CVE-2014-0364"
+CVE_CHECK_WHITELIST += "CVE-2016-10027"
+
 inherit autotools update-rc.d pkgconfig ptest
 inherit ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
 inherit features_check

Comments

Armin Kuster June 18, 2021, 2:25 p.m.
On 6/18/21 5:16 AM, Sekine Shigeki wrote:
> CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 are not for smack of smack-team(https://github.com/smack-team/smack) but other project.

Thanks. So this is for meta-security layer based on version.

- armin
>
> Signed-off-by: Sekine Shigeki <sekine.shigeki@fujitsu.com>
> ---
>  recipes-mac/smack/smack_1.3.1.bb | 5 +++++
>  1 file changed, 5 insertions(+)
>
> diff --git a/recipes-mac/smack/smack_1.3.1.bb b/recipes-mac/smack/smack_1.3.1.bb
> index b1ea4e9..6ae715e 100644
> --- a/recipes-mac/smack/smack_1.3.1.bb
> +++ b/recipes-mac/smack/smack_1.3.1.bb
> @@ -13,6 +13,11 @@ SRC_URI = " \
>  
>  PV = "1.3.1"
>  
> +# CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 is valnerble for other product.
> +CVE_CHECK_WHITELIST += "CVE-2014-0363"
> +CVE_CHECK_WHITELIST += "CVE-2014-0364"
> +CVE_CHECK_WHITELIST += "CVE-2016-10027"
> +
>  inherit autotools update-rc.d pkgconfig ptest
>  inherit ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
>  inherit features_check
>
> 
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#53913): https://lists.yoctoproject.org/g/yocto/message/53913
Mute This Topic: https://lists.yoctoproject.org/mt/83626672/3617530
Group Owner: yocto+owner@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [oe-patchwork@oe-patch.openembedded.org]
-=-=-=-=-=-=-=-=-=-=-=-
Armin Kuster June 20, 2021, 10:51 p.m.
merged.

On 6/18/21 5:16 AM, Sekine Shigeki wrote:
> CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 are not for smack of smack-team(https://github.com/smack-team/smack) but other project.
>
> Signed-off-by: Sekine Shigeki <sekine.shigeki@fujitsu.com>
> ---
>  recipes-mac/smack/smack_1.3.1.bb | 5 +++++
>  1 file changed, 5 insertions(+)
>
> diff --git a/recipes-mac/smack/smack_1.3.1.bb b/recipes-mac/smack/smack_1.3.1.bb
> index b1ea4e9..6ae715e 100644
> --- a/recipes-mac/smack/smack_1.3.1.bb
> +++ b/recipes-mac/smack/smack_1.3.1.bb
> @@ -13,6 +13,11 @@ SRC_URI = " \
>  
>  PV = "1.3.1"
>  
> +# CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 is valnerble for other product.
> +CVE_CHECK_WHITELIST += "CVE-2014-0363"
> +CVE_CHECK_WHITELIST += "CVE-2014-0364"
> +CVE_CHECK_WHITELIST += "CVE-2016-10027"
> +
>  inherit autotools update-rc.d pkgconfig ptest
>  inherit ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
>  inherit features_check
>
> 
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#53923): https://lists.yoctoproject.org/g/yocto/message/53923
Mute This Topic: https://lists.yoctoproject.org/mt/83626672/3617530
Group Owner: yocto+owner@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [oe-patchwork@oe-patch.openembedded.org]
-=-=-=-=-=-=-=-=-=-=-=-