helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-05-21 15:39:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

php: ignore patched CVEs

Browse Source 
CVE-2007-2728, CVE-2007-3205 and CVE-2007-4596 are patched in our
version of php but they don't have a vulnerable version range in the
NVD database, that's why they need to be ignored.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1642bfcb071aadb542c488bf79922842e32f1db5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Davide Gardenal 2022-07-18 13:07:09 +02:00 committed by Armin Kuster
parent aca019a2d0
commit b0bf2829a2
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
meta-oe/recipes-devtools/php/php_8.1.7.bb
View File

@ -35,6 +35,12 @@ SRC_URI:append:class-target = " \
S = "${WORKDIR}/php-${PV}"
SRC_URI[sha256sum] = "b816753eb005511e695d90945c27093c3236cc73db1262656d9fadd73ead7e9d"
CVE_CHECK_IGNORE += "\
CVE-2007-2728 \
CVE-2007-3205 \
CVE-2007-4596 \
"
inherit autotools pkgconfig python3native gettext
# phpize is not scanned for absolute paths by default (but php-config is).