From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 1/9] gcc-shared-source: whitelist CVE-2023-4039
Date: Thu, 22 Feb 2024 04:30:32 -1000 [thread overview]
Message-ID: <037f640b9272ba055ee41eeb1e6e9b002faefe36.1708612053.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1708612053.git.steve@sakoman.com>
From: Peter Marko <peter.marko@siemens.com>
Concept of gcc-source prevents cve-check to detect existing
CVE patch file.
So whitelist this CVE in all recipes using gcc-source via this
include file.
(From OE-Core rev: 04511734c6dc8c7dda3a943b385cd273d012d8c7)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit d803ca653139aa2d6acb4f99469c76a9d232b307)
Signed-off-by: Dnyandev Padalkar <padalkards17082001@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/gcc/gcc-shared-source.inc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/gcc/gcc-shared-source.inc b/meta/recipes-devtools/gcc/gcc-shared-source.inc
index aac4b49313..4baf7874d2 100644
--- a/meta/recipes-devtools/gcc/gcc-shared-source.inc
+++ b/meta/recipes-devtools/gcc/gcc-shared-source.inc
@@ -9,3 +9,6 @@ SRC_URI = ""
do_configure[depends] += "gcc-source-${PV}:do_preconfigure"
do_populate_lic[depends] += "gcc-source-${PV}:do_unpack"
+
+# patch is available via gcc-source recipe
+CVE_CHECK_WHITELIST += "CVE-2023-4039"
--
2.34.1
next prev parent reply other threads:[~2024-02-22 14:30 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-22 14:30 [OE-core][dunfell 0/9] Patch review Steve Sakoman
2024-02-22 14:30 ` Steve Sakoman [this message]
2024-02-22 14:30 ` [OE-core][dunfell 2/9] vim: upgrade v9.0.2130 -> v9.0.2190 Steve Sakoman
2024-02-22 14:30 ` [OE-core][dunfell 3/9] linux-yocto/5.4: update to v5.4.264 Steve Sakoman
2024-02-22 14:30 ` [OE-core][dunfell 4/9] linux-yocto/5.4: update to v5.4.265 Steve Sakoman
2024-02-22 14:30 ` [OE-core][dunfell 5/9] linux-yocto/5.4: update to v5.4.266 Steve Sakoman
2024-02-22 14:30 ` [OE-core][dunfell 6/9] linux-yocto/5.4: update to v5.4.267 Steve Sakoman
2024-02-22 14:30 ` [OE-core][dunfell 7/9] linux-yocto/5.4: update to v5.4.268 Steve Sakoman
2024-02-22 14:30 ` [OE-core][dunfell 8/9] cve-exclusion_5.4.inc: update for 5.4.268 Steve Sakoman
2024-02-22 14:47 ` Patchtest results for " patchtest
2024-02-22 14:30 ` [OE-core][dunfell 9/9] sstatesig: Allow exclusion of the root directory for do_package Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=037f640b9272ba055ee41eeb1e6e9b002faefe36.1708612053.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox