* Re: [oe] [PATCH] dovecot: add CVE-2016-4983 to allowlist
[not found] <16889911C5E4B48C.20286@lists.openembedded.org>
@ 2021-06-17 4:13 ` ito-yuichi
2021-06-17 5:37 ` Khem Raj
0 siblings, 1 reply; 2+ messages in thread
From: ito-yuichi @ 2021-06-17 4:13 UTC (permalink / raw)
To: openembedded-devel
Hi,
I would appreciate if you have any advice on this patch.
> -----Original Message-----
> From: openembedded-devel@lists.openembedded.org
> <openembedded-devel@lists.openembedded.org> On Behalf Of
> ito-yuichi@fujitsu.com
> Sent: Tuesday, June 15, 2021 9:13 AM
> To: openembedded-devel@lists.openembedded.org
> Subject: [oe] [PATCH] dovecot: add CVE-2016-4983 to allowlist
>
> CVE-2016-4983 affects only postinstall script on specific distribution, so add
> it to allowlist.
>
> Signed-off-by: Yuichi Ito <ito-yuichi@fujitsu.com>
> ---
> meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> index 19ba2b1fc..26b4f5ee8 100644
> --- a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> +++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> @@ -72,3 +72,6 @@ FILES_${PN} += "${libdir}/dovecot/*plugin.so
> \ FILES_${PN}-staticdev += "${libdir}/dovecot/*/*.a"
> FILES_${PN}-dev += "${libdir}/dovecot/libdovecot*.so"
> FILES_${PN}-dbg += "${libdir}/dovecot/*/.debug"
> +
> +# CVE-2016-4983 affects only postinstall script on specific
> +distribution CVE_CHECK_WHITELIST += "CVE-2016-4983"
> --
> 2.25.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [oe] [PATCH] dovecot: add CVE-2016-4983 to allowlist
2021-06-17 4:13 ` [oe] [PATCH] dovecot: add CVE-2016-4983 to allowlist ito-yuichi
@ 2021-06-17 5:37 ` Khem Raj
0 siblings, 0 replies; 2+ messages in thread
From: Khem Raj @ 2021-06-17 5:37 UTC (permalink / raw)
To: ito-yuichi; +Cc: openembedded-devel
Hi
Its already in master, please check latest tip
On Wed, Jun 16, 2021 at 9:13 PM ito-yuichi@fujitsu.com
<ito-yuichi@fujitsu.com> wrote:
>
> Hi,
>
> I would appreciate if you have any advice on this patch.
>
> > -----Original Message-----
> > From: openembedded-devel@lists.openembedded.org
> > <openembedded-devel@lists.openembedded.org> On Behalf Of
> > ito-yuichi@fujitsu.com
> > Sent: Tuesday, June 15, 2021 9:13 AM
> > To: openembedded-devel@lists.openembedded.org
> > Subject: [oe] [PATCH] dovecot: add CVE-2016-4983 to allowlist
> >
> > CVE-2016-4983 affects only postinstall script on specific distribution, so add
> > it to allowlist.
> >
> > Signed-off-by: Yuichi Ito <ito-yuichi@fujitsu.com>
> > ---
> > meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> > b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> > index 19ba2b1fc..26b4f5ee8 100644
> > --- a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> > +++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb
> > @@ -72,3 +72,6 @@ FILES_${PN} += "${libdir}/dovecot/*plugin.so
> > \ FILES_${PN}-staticdev += "${libdir}/dovecot/*/*.a"
> > FILES_${PN}-dev += "${libdir}/dovecot/libdovecot*.so"
> > FILES_${PN}-dbg += "${libdir}/dovecot/*/.debug"
> > +
> > +# CVE-2016-4983 affects only postinstall script on specific
> > +distribution CVE_CHECK_WHITELIST += "CVE-2016-4983"
> > --
> > 2.25.1
>
>
>
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-06-17 5:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <16889911C5E4B48C.20286@lists.openembedded.org>
2021-06-17 4:13 ` [oe] [PATCH] dovecot: add CVE-2016-4983 to allowlist ito-yuichi
2021-06-17 5:37 ` Khem Raj
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.