mirror of
https://git.yoctoproject.org/poky
synced 2026-05-08 05:09:24 +00:00
cve-check: remove redundant readline CVE whitelisting
CVE-2014-2524 is a readline CVE that was fixed in 6.3patch3 onwards, but the tooling wasn't able to detect this version. As we now ship readline 8 we don't need to manually whitelist it, and if we did then the whitelisting should be in the readline recipe. (From OE-Core rev: 07bb8b25e172aa5c8ae96b6e8eb4ac901b835219) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
committed by
Richard Purdie
Richard Purdie
parent
6726c663fd
commit
91f6c9f3ee
@@ -41,10 +41,15 @@ CVE_CHECK_PN_WHITELIST = "\
|
||||
glibc-locale \
|
||||
"
|
||||
|
||||
# Whitelist for CVE and version of package
|
||||
CVE_CHECK_CVE_WHITELIST = "{\
|
||||
'CVE-2014-2524': ('6.3','5.2',), \
|
||||
}"
|
||||
# Whitelist for CVE and version of package. If a CVE is found then the PV is
|
||||
# compared with the version list, and if found the CVE is considered
|
||||
# patched.
|
||||
#
|
||||
# The value should be valid Python in this format:
|
||||
# {
|
||||
# 'CVE-2014-2524': ('6.3','5.2')
|
||||
# }
|
||||
CVE_CHECK_CVE_WHITELIST ?= "{}"
|
||||
|
||||
python do_cve_check () {
|
||||
"""
|
||||
|
||||
Reference in New Issue
Block a user