* [poky][dunfell][PATCH] db: Whitelist CVEs
@ 2021-09-13 12:45 Saloni Jain
  2021-09-13 14:48 ` [OE-core] " Armin Kuster
                   ` (2 more replies)
  0 siblings, 3 replies; 7+ messages in thread
From: Saloni Jain @ 2021-09-13 12:45 UTC (permalink / raw)
  To: openembedded-core, raj.khem; +Cc: nisha.parrakat, Saloni Jain

From: Saloni Jain <salonij@kpit.com>

The CVEs below affect only Oracle Berkeley DB as per upstream.
Hence, they are whitelisted.

1. CVE-2015-2583
Link: https://security-tracker.debian.org/tracker/CVE-2015-2583
2. CVE-2015-2624
Link: https://security-tracker.debian.org/tracker/CVE-2015-2624
3. CVE-2015-2626
Link: https://security-tracker.debian.org/tracker/CVE-2015-2626
4. CVE-2015-2640
Link: https://security-tracker.debian.org/tracker/CVE-2015-2640
5. CVE-2015-2654
Link: https://security-tracker.debian.org/tracker/CVE-2015-2654
6. CVE-2015-2656
Link: https://security-tracker.debian.org/tracker/CVE-2015-2656
7. CVE-2015-4754
Link: https://security-tracker.debian.org/tracker/CVE-2015-4754
8. CVE-2015-4764
Link: https://security-tracker.debian.org/tracker/CVE-2015-4764
9. CVE-2015-4774
Link: https://security-tracker.debian.org/tracker/CVE-2015-4774
10. CVE-2015-4775
Link: https://security-tracker.debian.org/tracker/CVE-2015-4775
11. CVE-2015-4776
Link: https://security-tracker.debian.org/tracker/CVE-2015-4776
12. CVE-2015-4777
Link: https://security-tracker.debian.org/tracker/CVE-2015-4777
13. CVE-2015-4778
Link: https://security-tracker.debian.org/tracker/CVE-2015-4778
14. CVE-2015-4779
Link: https://security-tracker.debian.org/tracker/CVE-2015-4779
15. CVE-2015-4780
Link: https://security-tracker.debian.org/tracker/CVE-2015-4780
16. CVE-2015-4781
Link: https://security-tracker.debian.org/tracker/CVE-2015-4781
17. CVE-2015-4782
Link: https://security-tracker.debian.org/tracker/CVE-2015-4782
18. CVE-2015-4783
Link: https://security-tracker.debian.org/tracker/CVE-2015-4783
19. CVE-2015-4784
Link: https://security-tracker.debian.org/tracker/CVE-2015-4784
20. CVE-2015-4785
Link: https://security-tracker.debian.org/tracker/CVE-2015-4785
21. CVE-2015-4786
Link: https://security-tracker.debian.org/tracker/CVE-2015-4786
22. CVE-2015-4787
Link: https://security-tracker.debian.org/tracker/CVE-2015-4787
23. CVE-2015-4788
Link: https://security-tracker.debian.org/tracker/CVE-2015-4788
24. CVE-2015-4789
Link: https://security-tracker.debian.org/tracker/CVE-2015-4789
25. CVE-2015-4790
Link: https://security-tracker.debian.org/tracker/CVE-2015-4790
26. CVE-2016-0682
Link: https://security-tracker.debian.org/tracker/CVE-2016-0682
27. CVE-2016-0689
Link: https://security-tracker.debian.org/tracker/CVE-2016-0689
28. CVE-2016-0692
Link: https://security-tracker.debian.org/tracker/CVE-2016-0692
29. CVE-2016-0694
Link: https://security-tracker.debian.org/tracker/CVE-2016-0694
30. CVE-2016-3418
Link: https://security-tracker.debian.org/tracker/CVE-2016-3418
31. CVE-2017-3604
Link: https://security-tracker.debian.org/tracker/CVE-2017-3604
32. CVE-2017-3605
Link: https://security-tracker.debian.org/tracker/CVE-2017-3605
33. CVE-2017-3606
Link: https://security-tracker.debian.org/tracker/CVE-2017-3606
34. CVE-2017-3607
Link: https://security-tracker.debian.org/tracker/CVE-2017-3607
35. CVE-2017-3608
Link: https://security-tracker.debian.org/tracker/CVE-2017-3608
36. CVE-2017-3609
Link: https://security-tracker.debian.org/tracker/CVE-2017-3609
37. CVE-2017-3610
Link: https://security-tracker.debian.org/tracker/CVE-2017-3610
38. CVE-2017-3611
Link: https://security-tracker.debian.org/tracker/CVE-2017-3611
39. CVE-2017-3612
Link: https://security-tracker.debian.org/tracker/CVE-2017-3612
40. CVE-2017-3613
Link: https://security-tracker.debian.org/tracker/CVE-2017-3613
41. CVE-2017-3614
Link: https://security-tracker.debian.org/tracker/CVE-2017-3614
42. CVE-2017-3615
Link: https://security-tracker.debian.org/tracker/CVE-2017-3615
43. CVE-2017-3616
Link: https://security-tracker.debian.org/tracker/CVE-2017-3616
44. CVE-2017-3617
Link: https://security-tracker.debian.org/tracker/CVE-2017-3617
45. CVE-2020-2981
Link: https://security-tracker.debian.org/tracker/CVE-2020-2981

Signed-off-by: Saloni <jainsaloni0918@gmail.com>
---
 meta/recipes-support/db/db_5.3.28.bb | 92 ++++++++++++++++++++++++++++
 1 file changed, 92 insertions(+)

diff --git a/meta/recipes-support/db/db_5.3.28.bb b/meta/recipes-support/db/db_5.3.28.bb
index b2ae98f05c..000e9ef468 100644
--- a/meta/recipes-support/db/db_5.3.28.bb
+++ b/meta/recipes-support/db/db_5.3.28.bb
@@ -39,6 +39,98 @@ SRC_URI[sha256sum] = "e0a992d740709892e81f9d93f06daf305cf73fb81b545afe7247804317
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=ed1158e31437f4f87cdd4ab2b8613955"
 
+# Below CVEs affects only Oracle Berkeley DB as per upstream.
+# https://security-tracker.debian.org/tracker/CVE-2015-2583
+CVE_CHECK_WHITELIST += "CVE-2015-2583"
+# https://security-tracker.debian.org/tracker/CVE-2015-2624
+CVE_CHECK_WHITELIST += "CVE-2015-2624"
+# https://security-tracker.debian.org/tracker/CVE-2015-2626
+CVE_CHECK_WHITELIST += "CVE-2015-2626"
+# https://security-tracker.debian.org/tracker/CVE-2015-2640
+CVE_CHECK_WHITELIST += "CVE-2015-2640"
+# https://security-tracker.debian.org/tracker/CVE-2015-2654
+CVE_CHECK_WHITELIST += "CVE-2015-2654"
+# https://security-tracker.debian.org/tracker/CVE-2015-2656
+CVE_CHECK_WHITELIST += "CVE-2015-2656"
+# https://security-tracker.debian.org/tracker/CVE-2015-4754
+CVE_CHECK_WHITELIST += "CVE-2015-4754"
+# https://security-tracker.debian.org/tracker/CVE-2015-4764
+CVE_CHECK_WHITELIST += "CVE-2015-4764"
+# https://security-tracker.debian.org/tracker/CVE-2015-4774
+CVE_CHECK_WHITELIST += "CVE-2015-4774"
+# https://security-tracker.debian.org/tracker/CVE-2015-4775
+CVE_CHECK_WHITELIST += "CVE-2015-4775"
+# https://security-tracker.debian.org/tracker/CVE-2015-4776
+CVE_CHECK_WHITELIST += "CVE-2015-4776"
+# https://security-tracker.debian.org/tracker/CVE-2015-4777
+CVE_CHECK_WHITELIST += "CVE-2015-4777"
+# https://security-tracker.debian.org/tracker/CVE-2015-4778
+CVE_CHECK_WHITELIST += "CVE-2015-4778"
+# https://security-tracker.debian.org/tracker/CVE-2015-4779
+CVE_CHECK_WHITELIST += "CVE-2015-4779"
+# https://security-tracker.debian.org/tracker/CVE-2015-4780
+CVE_CHECK_WHITELIST += "CVE-2015-4780"
+# https://security-tracker.debian.org/tracker/CVE-2015-4781
+CVE_CHECK_WHITELIST += "CVE-2015-4781"
+# https://security-tracker.debian.org/tracker/CVE-2015-4782
+CVE_CHECK_WHITELIST += "CVE-2015-4782"
+# https://security-tracker.debian.org/tracker/CVE-2015-4783
+CVE_CHECK_WHITELIST += "CVE-2015-4783"
+# https://security-tracker.debian.org/tracker/CVE-2015-4784
+CVE_CHECK_WHITELIST += "CVE-2015-4784"
+# https://security-tracker.debian.org/tracker/CVE-2015-4785
+CVE_CHECK_WHITELIST += "CVE-2015-4785"
+# https://security-tracker.debian.org/tracker/CVE-2015-4786
+CVE_CHECK_WHITELIST += "CVE-2015-4786"
+# https://security-tracker.debian.org/tracker/CVE-2015-4787
+CVE_CHECK_WHITELIST += "CVE-2015-4787"
+# https://security-tracker.debian.org/tracker/CVE-2015-4788
+CVE_CHECK_WHITELIST += "CVE-2015-4788"
+# https://security-tracker.debian.org/tracker/CVE-2015-4789
+CVE_CHECK_WHITELIST += "CVE-2015-4789"
+# https://security-tracker.debian.org/tracker/CVE-2015-4790
+CVE_CHECK_WHITELIST += "CVE-2015-4790"
+# https://security-tracker.debian.org/tracker/CVE-2016-0682
+CVE_CHECK_WHITELIST += "CVE-2016-0682"
+# https://security-tracker.debian.org/tracker/CVE-2016-0689
+CVE_CHECK_WHITELIST += "CVE-2016-0689"
+# https://security-tracker.debian.org/tracker/CVE-2016-0692
+CVE_CHECK_WHITELIST += "CVE-2016-0692"
+# https://security-tracker.debian.org/tracker/CVE-2016-0694
+CVE_CHECK_WHITELIST += "CVE-2016-0694"
+# https://security-tracker.debian.org/tracker/CVE-2016-3418
+CVE_CHECK_WHITELIST += "CVE-2016-3418"
+# https://security-tracker.debian.org/tracker/CVE-2017-3604
+CVE_CHECK_WHITELIST += "CVE-2017-3604"
+# https://security-tracker.debian.org/tracker/CVE-2017-3605
+CVE_CHECK_WHITELIST += "CVE-2017-3605"
+# https://security-tracker.debian.org/tracker/CVE-2017-3606
+CVE_CHECK_WHITELIST += "CVE-2017-3606"
+# https://security-tracker.debian.org/tracker/CVE-2017-3607
+CVE_CHECK_WHITELIST += "CVE-2017-3607"
+# https://security-tracker.debian.org/tracker/CVE-2017-3608
+CVE_CHECK_WHITELIST += "CVE-2017-3608"
+# https://security-tracker.debian.org/tracker/CVE-2017-3609
+CVE_CHECK_WHITELIST += "CVE-2017-3609"
+# https://security-tracker.debian.org/tracker/CVE-2017-3610
+CVE_CHECK_WHITELIST += "CVE-2017-3610"
+# https://security-tracker.debian.org/tracker/CVE-2017-3611
+CVE_CHECK_WHITELIST += "CVE-2017-3611"
+# https://security-tracker.debian.org/tracker/CVE-2017-3612
+CVE_CHECK_WHITELIST += "CVE-2017-3612"
+# https://security-tracker.debian.org/tracker/CVE-2017-3613
+CVE_CHECK_WHITELIST += "CVE-2017-3613"
+# https://security-tracker.debian.org/tracker/CVE-2017-3614
+CVE_CHECK_WHITELIST += "CVE-2017-3614"
+# https://security-tracker.debian.org/tracker/CVE-2017-3615
+CVE_CHECK_WHITELIST += "CVE-2017-3615"
+# https://security-tracker.debian.org/tracker/CVE-2017-3616
+CVE_CHECK_WHITELIST += "CVE-2017-3616"
+# https://security-tracker.debian.org/tracker/CVE-2017-3617
+CVE_CHECK_WHITELIST += "CVE-2017-3617"
+# https://security-tracker.debian.org/tracker/CVE-2020-2981
+CVE_CHECK_WHITELIST += "CVE-2020-2981"
+
 inherit autotools
 
 # The executables go in a separate package - typically there
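
Review bot: The single justification comment at the top of the added block ("Below CVEs affects only Oracle Berkeley DB as per upstream.") does not say how the db 5.3.28 built by this recipe differs from "Oracle Berkeley DB", so the 45 exclusions cannot be checked from the recipe alone. Please state the reason in the comment, for example the affected version range or component, so that it stays valid if the recipe version changes. The comment says "as per upstream", but every link points to security-tracker.debian.org; name the Debian tracker as the source if that is where the assessment comes from. Also fix the grammar ("CVEs affect"), and consider collapsing the 45 separate `CVE_CHECK_WHITELIST +=` lines into one multi-line assignment with the rationale stated once, which keeps the list easier to audit and to drop on a version bump.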
-- 
2.17.1


Thread overview: 7+ messages
2021-09-13 12:45 [poky][dunfell][PATCH] db: Whitelist CVEs Saloni Jain
2021-09-13 14:48 ` [OE-core] " Armin Kuster
2021-09-13 14:56 ` Steve Sakoman
     [not found] ` <16A46989BBD4976A.22787@lists.openembedded.org>
2021-09-13 15:02   ` Steve Sakoman
2021-09-13 15:32     ` saloni
     [not found]     ` <16A46B7AC64AA0C2.21276@lists.openembedded.org>
2021-09-14 17:09       ` saloni
2021-09-14 17:21         ` Steve Sakoman
