[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openembedded-core
Subject:    [OE-core][dunfell 15/17] cups: Mark CVE-2009-0032 as a non-issue
From:       "Steve Sakoman" <steve () sakoman ! com>
Date:       2020-12-28 22:15:52
Message-ID: 1d2022bcaa15f6f56ffcb10872126db2ac0336e7.1609193554.git.steve () sakoman ! com
[Download RAW message or body]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

The CVE was against a cups plugin which is obsolete and we don't include.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f7cb9f6ec4b14f992d265b8c67a9f5589f9b842)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/cups/cups.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 9b4b2a9b13..509c80c313 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -18,6 +18,8 @@ SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.t
 UPSTREAM_CHECK_URI = "https://github.com/apple/cups/releases"
 UPSTREAM_CHECK_REGEX = "cups-(?P<pver>\d+\.\d+(\.\d+)?)-source.tar"
 
+# Issue affects pdfdistiller plugin used with but not part of cups
+CVE_CHECK_WHITELIST += "CVE-2009-0032"
 # This is an Ubuntu only issue.
 CVE_CHECK_WHITELIST += "CVE-2018-6553"
 
-- 
2.17.1



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#146286): https://lists.openembedded.org/g/openembedded-core/message/146286
Mute This Topic: https://lists.openembedded.org/mt/79279334/4454766
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [openembedded-core@marc.info]
-=-=-=-=-=-=-=-=-=-=-=-



[prev in list] [next in list] [prev in thread] [next in thread]