diff options
Diffstat (limited to 'poky/meta/recipes-support/curl/curl_7.69.1.bb')
-rw-r--r-- | poky/meta/recipes-support/curl/curl_7.69.1.bb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/poky/meta/recipes-support/curl/curl_7.69.1.bb b/poky/meta/recipes-support/curl/curl_7.69.1.bb index 21c673feda..bc1b993e9e 100644 --- a/poky/meta/recipes-support/curl/curl_7.69.1.bb +++ b/poky/meta/recipes-support/curl/curl_7.69.1.bb @@ -22,6 +22,9 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://CVE-2021-22898.patch \ file://CVE-2021-22924.patch \ file://CVE-2021-22925.patch \ + file://CVE-2021-22946-pre1.patch \ + file://CVE-2021-22946.patch \ + file://CVE-2021-22947.patch \ " SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" @@ -29,7 +32,12 @@ SRC_URI[sha256sum] = "2ff5e5bd507adf6aa88ff4bbafd4c7af464867ffb688be93b9930717a5 # Curl has used many names over the years... CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" -CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926" +CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926 CVE-22945" + +# As per link https://security-tracker.debian.org/tracker/CVE-2021-22897 +# and https://ubuntu.com/security/CVE-2021-22897 +# This CVE issue affects Windows only Hence whitelisting this CVE +CVE_CHECK_WHITELIST += "CVE-2021-22897" inherit autotools pkgconfig binconfig multilib_header |