summaryrefslogtreecommitdiff
path: root/meta/classes/mime.bbclass
diff options
context:
space:
mode:
authorAndré Draszik <adraszik@tycoint.com>2016-11-04 11:06:31 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-01-11 11:46:38 +0000
commitb4498a6b734661fdfe3ff4e0a9850e796b72005c (patch)
treec7f52a09ec1d7cca25cd59c1f90292aa3bb729fa /meta/classes/mime.bbclass
parentf07c139e91d2173dac4289727d1401a19d6ed821 (diff)
downloadopenembedded-core-b4498a6b734661fdfe3ff4e0a9850e796b72005c.tar.gz
openembedded-core-b4498a6b734661fdfe3ff4e0a9850e796b72005c.tar.bz2
openembedded-core-b4498a6b734661fdfe3ff4e0a9850e796b72005c.zip
cve-check.bbclass: CVE-2014-2524 / readline v5.2
Contrary to the CVE report, the vulnerable trace functions don't exist in readline v5.2 (which we keep for GPLv2+ purposes), they were added in readline v6.0 only - let's whitelist that CVE in order to avoid false positives. See also the discussion in https://patchwork.openembedded.org/patch/81765/ (From OE-Core rev: b881a288eec598002685f68da80a24e0478fa496) Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Lukasz Nowak <lnowak@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/classes/mime.bbclass')
0 files changed, 0 insertions, 0 deletions