diff mbox series

[dunfell,02/11] ruby: Whitelist CVE-2021-28966 as this affects Windows OS only

Message ID df6242b72b0477fb61c7dc18ad52a1f147ec7d07.1654136888.git.steve@sakoman.com
State Accepted, archived
Commit df6242b72b0477fb61c7dc18ad52a1f147ec7d07
Headers show
Series [dunfell,01/11] ruby: Upgrade ruby to 2.7.6 for security fix | expand

Commit Message

Steve Sakoman June 2, 2022, 2:30 a.m. UTC 
From: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>

As per below debian link, CVE-2021-28966 affects Windows only
Link: https://security-tracker.debian.org/tracker/CVE-2021-28966

Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/ruby/ruby_2.7.6.bb | 4 ++++
 1 file changed, 4 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-devtools/ruby/ruby_2.7.6.bb b/meta/recipes-devtools/ruby/ruby_2.7.6.bb
index 658a17659a..3af321a83e 100644
--- a/meta/recipes-devtools/ruby/ruby_2.7.6.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.7.6.bb
@@ -12,6 +12,10 @@  SRC_URI += " \
 SRC_URI[md5sum] = "f972fb0cce662966bec10d5c5f32d042"
 SRC_URI[sha256sum] = "e7203b0cc09442ed2c08936d483f8ac140ec1c72e37bb5c401646b7866cb5d10"
 
+# CVE-2021-28966 is Windows specific and not affects Linux OS
+# https://security-tracker.debian.org/tracker/CVE-2021-28966
+CVE_CHECK_WHITELIST += "CVE-2021-28966"
+
 PACKAGECONFIG ??= ""
 PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"