mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-17 20:59:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

cups: whitelist CVE-2021-25317

Browse Source 
This CVE relates to bad ownership of /var/log/cups, which we don't have.

(From OE-Core rev: 68ee8fd1ec0f09c6477578de40e1adfc7ba35027)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0792312f3637ec160d2ef90781a8cb1f75b84940)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
2021-05-17 12:19:13 +01:00
committed by Richard Purdie
parent 6ebb33bdac
commit 0b6e24d0dd
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
meta/recipes-extended/cups/cups.inc
View File

@@ -116,3 +116,7 @@ SYSROOT_PREPROCESS_FUNCS += "cups_sysroot_preprocess"
cups_sysroot_preprocess () {
sed -i ${SYSROOT_DESTDIR}${bindir_crossscripts}/cups-config -e 's:cups_datadir=.*:cups_datadir=${datadir}/cups:' -e 's:cups_serverbin=.*:cups_serverbin=${libexecdir}/cups:'
}
# -25317 concerns /var/log/cups having lp ownership. Our /var/log/cups is
# root:root, so this doesn't apply.
CVE_CHECK_WHITELIST += "CVE-2021-25317"