tiff: Exclude CVE-2015-7313 from cve-check

Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. (From OE-Core rev: 3874da694ae1d9de06dd003bd80705205e2b033b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-03-11 09:49:41 +01:00 · 2021-05-11 14:13:08 +01:00
parent c887238347
commit 2d5c161021
1 changed files with 4 additions and 0 deletions
--- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
@@ -15,6 +15,10 @@ SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1
 # exclude betas
 UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"

+# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
+# and 4.3.0 doesn't have the issue
+CVE_CHECK_WHITELIST += "CVE-2015-7313"
+
 inherit autotools multilib_header

 CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no"