rpm: Exclude CVE-2021-20271 from cve-check

This is included in the release we have, it was the reason for the last rpm point release. (From OE-Core rev: 117feb358c81b6b852dee24268eac0a1a47c1701) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-23 00:32:12 +02:00 · 2021-05-12 23:28:54 +01:00
parent 53ac441029
commit b77802fb05
1 changed files with 4 additions and 0 deletions
--- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
@@ -47,6 +47,10 @@ SRCREV = "3659b8a04f5b8bacf6535e0124e7fe23f15286bd"

 S = "${WORKDIR}/git"

+# Fix https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21
+# included in 4.16.1.3
+CVE_CHECK_WHIETLIST += "CVE-2021-20271"
+
 DEPENDS = "libgcrypt db file popt xz bzip2 elfutils python3"
 DEPENDS_append_class-native = " file-replacement-native bzip2-replacement-native"