From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/26] tiff: Add jbig PACKAGECONFIG and clarify CVE-2022-1210
Date: Thu, 2 Jun 2022 06:51:34 -1000 [thread overview]
Message-ID: <95f1c5d0bb7bc7cae2715d0c9b569fa369a64575.1654188574.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1654188574.git.steve@sakoman.com>
From: Richard Purdie <richard.purdie@linuxfoundation.org>
We never depended upon libjbig so this was never present. Add the
PACKAGECONFIG to make this explict.
CVE-2022-1210 is an issue in libjbig so we don't have a problem there,
mark as such.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 34e6a19f2430ee2fd0fec4bec1891e898a0d9766)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
index c5e964ec8c..7a5e4816a6 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
@@ -32,6 +32,9 @@ CVE_CHECK_IGNORE += "CVE-2015-7313"
# caused by 3079627e and fixed by b4e79bfa.
CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623"
+# Issue is in jbig which we don't enable
+CVE_CHECK_IGNORE += "CVE-2022-1210"
+
inherit autotools multilib_header
CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no"
@@ -40,6 +43,7 @@ PACKAGECONFIG ?= "cxx jpeg zlib lzma \
strip-chopping extrasample-as-alpha check-ycbcr-subsampling"
PACKAGECONFIG[cxx] = "--enable-cxx,--disable-cxx,,"
+PACKAGECONFIG[jbig] = "--enable-jbig,--disable-jbig,jbig,"
PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg,"
PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib,"
PACKAGECONFIG[lzma] = "--enable-lzma,--disable-lzma,xz,"
--
2.25.1
next prev parent reply other threads:[~2022-06-02 16:52 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-02 16:51 [OE-core][kirkstone 00/26] Patch review Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 01/26] vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs Steve Sakoman
2022-06-02 16:51 ` Steve Sakoman [this message]
2022-06-02 16:51 ` [OE-core][kirkstone 03/26] libxslt: Mark CVE-2022-29824 as not applying Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 04/26] cve-check.bbclass: Added do_populate_sdk[recrdeptask] Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 05/26] cve-check: Add helper for symlink handling Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 06/26] cve-check: Only include installed packages for rootfs manifest Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 07/26] cve-extra-exclusions: Add kernel CVEs Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 08/26] cve-check: Allow warnings to be disabled Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 09/26] linux-yocto/5.15: update to v5.15.37 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 10/26] linux-yocto/5.10: update to v5.10.113 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 11/26] linux-yocto/5.15: update to v5.15.38 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 12/26] linux-yocto/5.10: update to v5.10.114 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 13/26] libpcre2: upgrade 10.39 -> 10.40 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 14/26] ncurses: update to patchlevel 20220423 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 15/26] mesa.inc: package 00-radv-defaults.conf Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 16/26] staging.bbclass: process direct dependencies in deterministic order Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 17/26] libseccomp: Add missing files for ptests Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 18/26] insane.bbclass: make sure to close .patch files Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 19/26] pciutils: avoid lspci conflict with busybox Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 20/26] ovmf: Fix native build with gcc-12 Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 21/26] rust-common: Fix sstate signatures between arm hf and non-hf Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 22/26] rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 23/26] rust-common: Fix for target definitions returning 'NoneType' for arm Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 24/26] rust-common: Drop LLVM_TARGET and simplify Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 25/26] rust-common: Fix native signature dependency issues Steve Sakoman
2022-06-02 16:51 ` [OE-core][kirkstone 26/26] gcc: Upgrade to 11.3 release Steve Sakoman
2022-06-10 8:39 ` [kirkstone 00/26] Patch review Sundeep KOKKONDA
2022-06-10 9:12 ` [OE-core] " Martin Jansa
2022-06-10 9:13 ` Martin Jansa
2022-06-10 14:19 ` Steve Sakoman
2022-06-16 2:19 ` Sundeep KOKKONDA
2022-06-16 14:19 ` [OE-core] " Randy MacLeod
2022-06-20 3:09 ` Sundeep KOKKONDA
2022-06-27 12:12 ` Randy MacLeod
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=95f1c5d0bb7bc7cae2715d0c9b569fa369a64575.1654188574.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.