* [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799
@ 2021-08-11 11:32 Saloni Jain
2021-11-13 13:53 ` akash hadke
0 siblings, 1 reply; 3+ messages in thread
From: Saloni Jain @ 2021-08-11 11:32 UTC (permalink / raw)
To: openembedded-devel, raj.khem, otavio; +Cc: nisha.parrakat
Whitelisted below CVE:
CVE-2018-2799:
CVE only applies to some Oracle Java SE and Red Hat
Enterprise Linux versions which is already fixed with
updates and the issue is closed.
Link: https://access.redhat.com/security/cve/CVE-2018-2799
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1567542
Signed-off-by: Saloni Jain <jainsaloni0918@gmail.com>
---
recipes-core/xerces-j/xerces-j_2.11.0.bb | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/recipes-core/xerces-j/xerces-j_2.11.0.bb b/recipes-core/xerces-j/xerces-j_2.11.0.bb
index 98ef32f..f2a4434 100644
--- a/recipes-core/xerces-j/xerces-j_2.11.0.bb
+++ b/recipes-core/xerces-j/xerces-j_2.11.0.bb
@@ -14,6 +14,12 @@ LIC_FILES_CHKSUM = " \
SRC_URI = "http://archive.apache.org/dist/xerces/j/Xerces-J-src.${PV}.tar.gz"
+# CVE only applies to some Oracle Java SE and Red Hat Enterprise Linux versions.
+# Already fixed with updates and closed.
+# https://access.redhat.com/security/cve/CVE-2018-2799
+# https://bugzilla.redhat.com/show_bug.cgi?id=1567542
+CVE_CHECK_WHITELIST += "CVE-2018-2799"
+
S = "${WORKDIR}/xerces-2_11_0"
inherit java-library
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-11-17 15:59 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-08-11 11:32 [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799 Saloni Jain
2021-11-13 13:53 ` akash hadke
2021-11-17 15:58 ` [oe] " Richard Leitner - SKIDATA
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.