[PATCH] dracut: add CVE-2010-4176 to allowlist

[PATCH] dracut: add CVE-2010-4176 to allowlist

[hayashi.satoshi]

CVE-2010-4176 affects only using plymouth-pretrigger.sh script on Fedora.

Signed-off-by: Satoshi Hayashi <hayashi.satoshi@fujitsu.com>
---
 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
index ce975f5a1..4d702dc56 100644
--- a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
+++ b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
@@ -66,3 +66,6 @@ RRECOMMENDS_${PN} = " \
                      busybox \
                      coreutils \
                     "
+
+# CVE-2010-4176 affects only Fedora
+CVE_CHECK_WHITELIST += "CVE-2010-4176"
-- 
2.25.1

Re: [oe] [PATCH] dracut: add CVE-2010-4176 to allowlist

[Khem Raj]

you also want to add release name in subject e.g. [dunfell] etc. so it
hits appropriate release maintainer's queue

On Mon, Jun 14, 2021 at 10:36 PM hayashi.satoshi@fujitsu.com
<hayashi.satoshi@fujitsu.com> wrote:
>
> CVE-2010-4176 affects only using plymouth-pretrigger.sh script on Fedora.
>
> Signed-off-by: Satoshi Hayashi <hayashi.satoshi@fujitsu.com>
> ---
>  meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
> index ce975f5a1..4d702dc56 100644
> --- a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
> +++ b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
> @@ -66,3 +66,6 @@ RRECOMMENDS_${PN} = " \
>                       busybox \
>                       coreutils \
>                      "
> +
> +# CVE-2010-4176 affects only Fedora
> +CVE_CHECK_WHITELIST += "CVE-2010-4176"
> --
> 2.25.1
>
>
> 
>