| Message ID | 20230612115743.52686-3-andrej.valek@siemens.com |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v4,1/3] cve-check: add option to add additional patched CVEs | expand |
This was sent by misstate, ignore it please. Andrej On Mon, 2023-06-12 at 13:57 +0200, Andrej Valek wrote: > All mentioned CVEs are related to HSTS check feature, which is not > implemented in version 7.69.1 . > > Signed-off-by: Andrej Valek <andrej.valek@siemens.com> > --- > meta/recipes-support/curl/curl_7.69.1.bb | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes- > support/curl/curl_7.69.1.bb > index 899daf8eac..ea36c0bd3d 100644 > --- a/meta/recipes-support/curl/curl_7.69.1.bb > +++ b/meta/recipes-support/curl/curl_7.69.1.bb > @@ -56,6 +56,9 @@ CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE- > 2021-22926 CVE-2021-229 > # This CVE issue affects Windows only Hence whitelisting this CVE > CVE_CHECK_WHITELIST += "CVE-2021-22897" > > +# HSTS check feature is not implemented > +CVE_CHECK_WHITELIST += "CVE-2022-42915 CVE-2022-42916 CVE-2022-43551" > + > inherit autotools pkgconfig binconfig multilib_header > > PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls > libidn proxy threaded-resolver verbose zlib"
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index 899daf8eac..ea36c0bd3d 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb @@ -56,6 +56,9 @@ CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926 CVE-2021-229 # This CVE issue affects Windows only Hence whitelisting this CVE CVE_CHECK_WHITELIST += "CVE-2021-22897" +# HSTS check feature is not implemented +CVE_CHECK_WHITELIST += "CVE-2022-42915 CVE-2022-42916 CVE-2022-43551" + inherit autotools pkgconfig binconfig multilib_header PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib"
All mentioned CVEs are related to HSTS check feature, which is not implemented in version 7.69.1 . Signed-off-by: Andrej Valek <andrej.valek@siemens.com> --- meta/recipes-support/curl/curl_7.69.1.bb | 3 +++ 1 file changed, 3 insertions(+)