* [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799
@ 2021-08-11 11:32 Saloni Jain
2021-11-13 13:53 ` akash hadke
0 siblings, 1 reply; 3+ messages in thread
From: Saloni Jain @ 2021-08-11 11:32 UTC (permalink / raw)
To: openembedded-devel, raj.khem, otavio; +Cc: nisha.parrakat
Whitelisted below CVE:
CVE-2018-2799:
CVE only applies to some Oracle Java SE and Red Hat
Enterprise Linux versions which is already fixed with
updates and the issue is closed.
Link: https://access.redhat.com/security/cve/CVE-2018-2799
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1567542
Signed-off-by: Saloni Jain <jainsaloni0918@gmail.com>
---
recipes-core/xerces-j/xerces-j_2.11.0.bb | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/recipes-core/xerces-j/xerces-j_2.11.0.bb b/recipes-core/xerces-j/xerces-j_2.11.0.bb
index 98ef32f..f2a4434 100644
--- a/recipes-core/xerces-j/xerces-j_2.11.0.bb
+++ b/recipes-core/xerces-j/xerces-j_2.11.0.bb
@@ -14,6 +14,12 @@ LIC_FILES_CHKSUM = " \
SRC_URI = "http://archive.apache.org/dist/xerces/j/Xerces-J-src.${PV}.tar.gz"
+# CVE only applies to some Oracle Java SE and Red Hat Enterprise Linux versions.
+# Already fixed with updates and closed.
+# https://access.redhat.com/security/cve/CVE-2018-2799
+# https://bugzilla.redhat.com/show_bug.cgi?id=1567542
+CVE_CHECK_WHITELIST += "CVE-2018-2799"
+
S = "${WORKDIR}/xerces-2_11_0"
inherit java-library
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799
2021-08-11 11:32 [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799 Saloni Jain
@ 2021-11-13 13:53 ` akash hadke
2021-11-17 15:58 ` [oe] " Richard Leitner - SKIDATA
0 siblings, 1 reply; 3+ messages in thread
From: akash hadke @ 2021-11-13 13:53 UTC (permalink / raw)
To: openembedded-devel
[-- Attachment #1: Type: text/plain, Size: 76 bytes --]
Hi,
Is there any update on this? Is it going to integrate into dunfell?
[-- Attachment #2: Type: text/html, Size: 84 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [oe] [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799
2021-11-13 13:53 ` akash hadke
@ 2021-11-17 15:58 ` Richard Leitner - SKIDATA
0 siblings, 0 replies; 3+ messages in thread
From: Richard Leitner - SKIDATA @ 2021-11-17 15:58 UTC (permalink / raw)
To: akash.hadke; +Cc: openembedded-devel
Hi Akash,
On Sat, Nov 13, 2021 at 05:53:46AM -0800, akash hadke via lists.openembedded.org wrote:
> Hi,
>
> Is there any update on this? Is it going to integrate into dunfell?
Thanks for the reminder.
It seems my CI script missed the final push.
I'm sorry!
Everything should be up2date now.
regards;rl
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-11-17 15:59 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-11 11:32 [meta-java][dunfell][PATCH v2] xerces-j: Whitelisted CVE-2018-2799 Saloni Jain
2021-11-13 13:53 ` akash hadke
2021-11-17 15:58 ` [oe] " Richard Leitner - SKIDATA
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.