[meta-java][dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[meta-java][dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[pawan]

From: Pawan Badganchi <badganchipv@gmail.com>

Whitelist the CVE because it only affects windows platforms
Link: https://ubuntu.com/security/CVE-2016-5725

Signed-off-by: Pawan Badganchi <badganchipv@gmail.com>
---
 .../0001-jsch-Whitelist-CVE-2016-5725.patch   | 29 +++++++++++++++++++
 recipes-core/jcraft/jsch_0.1.40.bb            |  3 ++
 2 files changed, 32 insertions(+)
 create mode 100644 recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch

diff --git a/recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch b/recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch
new file mode 100644
index 0000000..880440c
--- /dev/null
+++ b/recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch
@@ -0,0 +1,29 @@
+From 1ea9958fae5a89b04ed790f45cb4f18075a35d65 Mon Sep 17 00:00:00 2001
+From: Pawan Badganchi <pawan.badganchi@kpit.com>
+Date: Wed, 13 Apr 2022 16:04:32 +0530
+Subject: [PATCH] jsch: Whitelist CVE-2016-5725
+
+Whitelist the CVE because it only affects windows platforms
+Link: https://ubuntu.com/security/CVE-2016-5725
+
+Signed-off-by: Pawan Badganchi<pawan.badganchi@kpit.com>
+---
+ recipes-core/jcraft/jsch_0.1.40.bb | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb
+index a0f70d8..1170095 100644
+--- a/recipes-core/jcraft/jsch_0.1.40.bb
++++ b/recipes-core/jcraft/jsch_0.1.40.bb
+@@ -25,5 +25,8 @@ do_compile() {
+ SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
+ SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"
+ 
++# Whitelist the CVE because it only affects Windows platforms
++CVE_CHECK_WHITELIST += "CVE-2016-5725"
++
+ BBCLASSEXTEND = "native"
+ 
+-- 
+2.17.1
+
diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb
index a0f70d8..1170095 100644
--- a/recipes-core/jcraft/jsch_0.1.40.bb
+++ b/recipes-core/jcraft/jsch_0.1.40.bb
@@ -25,5 +25,8 @@ do_compile() {
 SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
 SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"
 
+# Whitelist the CVE because it only affects Windows platforms
+CVE_CHECK_WHITELIST += "CVE-2016-5725"
+
 BBCLASSEXTEND = "native"
 
-- 
2.37.3

Re: [meta-java][dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[Pawan Badganchi]

[-- Attachment #1: Type: text/plain, Size: 53 bytes --]

Hello,
Could you please add this patch in dunfell.

[-- Attachment #2: Type: text/html, Size: 57 bytes --]

Re: [meta-java[dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[Pawan]

[-- Attachment #1: Type: text/plain, Size: 19 bytes --]

Sent valid patch.

[-- Attachment #2: Type: text/html, Size: 19 bytes --]

Re: [meta-java[dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[Pawan]

[-- Attachment #1: Type: text/plain, Size: 72 bytes --]

Hello,
Could you please add this patch in the dunfell branch as well.

[-- Attachment #2: Type: text/html, Size: 76 bytes --]

Re: [meta-java[dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[Ranjitsinh Rathod]

[-- Attachment #1: Type: text/plain, Size: 88 bytes --]

Hi There,

Can you please take this on dunfell branch?

Thanks,
Ranjitsinh Rathod

[-- Attachment #2: Type: text/html, Size: 108 bytes --]

[meta-java[dunfell][PATCH] jsch: Whitelist CVE-2016-5725

[Pawan]

From: Pawan Badganchi <pawan.badganchi@kpit.com>

Whitelist the CVE because it only affects windows platforms
Link: https://ubuntu.com/security/CVE-2016-5725

Signed-off-by: Pawan Badganchi<pawan.badganchi@kpit.com>
---
 recipes-core/jcraft/jsch_0.1.40.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb
index a0f70d8..1170095 100644
--- a/recipes-core/jcraft/jsch_0.1.40.bb
+++ b/recipes-core/jcraft/jsch_0.1.40.bb
@@ -25,5 +25,8 @@ do_compile() {
 SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
 SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"

+# Whitelist the CVE because it only affects Windows platforms
+CVE_CHECK_WHITELIST += "CVE-2016-5725"
+
 BBCLASSEXTEND = "native"

--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.