1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 15:57:04 +00:00
Files
Peter Marko 52adde71ad zlib: ignore CVE-2023-6992
This CVE is for iCPE cloudflare:zlib.

Alternative to ignoring would be to limit CVE_PRODUCT, but
historic CVEs already have two - gnu:zlib and zlib:zlib.
So limiting it could miss future CVEs.

(From OE-Core rev: 7523c7b3609220b4dfc2bb0a83c552db60e1dc7e)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f953a1cd832f03f0b3666168addf45fd4fc8d14)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-02-22 04:34:14 -10:00

51 lines
1.4 KiB
BlitzBasic

SUMMARY = "Zlib Compression Library"
DESCRIPTION = "Zlib is a general-purpose, patent-free, lossless data compression \
library which is used by many different programs."
HOMEPAGE = "http://zlib.net/"
SECTION = "libs"
LICENSE = "Zlib"
LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef63bc555f7aa6c0"
# The source tarball needs to be .gz as only the .gz ends up in fossils/
SRC_URI = "https://zlib.net/${BP}.tar.gz \
file://0001-configure-Pass-LDFLAGS-to-link-tests.patch \
file://run-ptest \
"
UPSTREAM_CHECK_URI = "http://zlib.net/"
SRC_URI[sha256sum] = "ff0ba4c292013dbc27530b3a81e1f9a813cd39de01ca5e0f8bf355702efa593e"
# When a new release is made the previous release is moved to fossils/, so add this
# to PREMIRRORS so it is also searched automatically.
PREMIRRORS:append = " https://zlib.net/ https://zlib.net/fossils/"
CFLAGS += "-D_REENTRANT"
RDEPENDS:${PN}-ptest += "make"
inherit ptest
B = "${WORKDIR}/build"
do_configure() {
LDCONFIG=true ${S}/configure --prefix=${prefix} --shared --libdir=${libdir} --uname=GNU
}
do_configure[cleandirs] += "${B}"
do_compile() {
oe_runmake shared
}
do_install() {
oe_runmake DESTDIR=${D} install
}
do_install_ptest() {
install ${B}/examplesh ${D}${PTEST_PATH}
}
BBCLASSEXTEND = "native nativesdk"
CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip"
CVE_STATUS[CVE-2023-6992] = "cpe-incorrect: this CVE is for cloudflare zlib"