mirror of
https://git.yoctoproject.org/poky
synced 2026-06-02 01:19:52 +00:00
tar: ignore node-tar CVEs
These two CVEs are specific to the Node package node-tar. (From OE-Core rev: d1b09f81ad80e5099ae670c965dcf7d39ad09ac1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bc7216e8148d0dee7b56e6851da6615e93647a0a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
committed by
Richard Purdie
Richard Purdie
parent
0de8d08213
commit
77269f9163
@@ -65,3 +65,6 @@ PROVIDES_append_class-native = " tar-replacement-native"
|
||||
NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}"
|
||||
|
||||
BBCLASSEXTEND = "native nativesdk"
|
||||
|
||||
# These are both specific to the NPM package node-tar
|
||||
CVE_CHECK_WHITELIST += "CVE-2021-32803 CVE-2021-32804"
|
||||
|
||||
Reference in New Issue
Block a user