From d49e96aac4616c439a2d778b95a793037dac884e Mon Sep 17 00:00:00 2001
From: Akifumi Chikazawa <chikazawa.akifu@fujitsu.com>
Date: Fri, 25 Jun 2021 15:51:23 +0900
Subject: [PATCH] openvpn: add CVE-2020-7224 and CVE-2020-27569 to allowlist

CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client,
not for openvpn.

Signed-off-by: Akifumi Chikazawa <chikazawa.akifu@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-networking/recipes-support/openvpn/openvpn_2.5.3.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.3.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.3.bb
index 20f971a3b7..7f4cc189ce 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.5.3.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.3.bb
@@ -17,6 +17,9 @@ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
 SRC_URI[md5sum] = "08895fd1142f25fdd94a98315632e1bf"
 SRC_URI[sha256sum] = "75f0044df449430555ca7b995a2b77ab24f2946fdc3668301b8edc23986a5f7e"
 
+# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
+CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569"
+
 SYSTEMD_SERVICE_${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service"
 SYSTEMD_AUTO_ENABLE = "disable"