Whitelisted below CVE: CVE-2018-2799: CVE only applies to some Oracle Java SE and Red Hat Enterprise Linux versions which is already fixed with updates and the issue is closed. Link: https://access.redhat.com/security/cve/CVE-2018-2799 Link: https://bugzilla.redhat.com/show_bug.cgi?id=1567542
Signed-off-by: Saloni Jain <[email protected]> --- recipes-core/xerces-j/xerces-j_2.11.0.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/recipes-core/xerces-j/xerces-j_2.11.0.bb b/recipes-core/xerces-j/xerces-j_2.11.0.bb index 98ef32f..f2a4434 100644 --- a/recipes-core/xerces-j/xerces-j_2.11.0.bb +++ b/recipes-core/xerces-j/xerces-j_2.11.0.bb @@ -14,6 +14,12 @@ LIC_FILES_CHKSUM = " \ SRC_URI = "http://archive.apache.org/dist/xerces/j/Xerces-J-src.${PV}.tar.gz"; +# CVE only applies to some Oracle Java SE and Red Hat Enterprise Linux versions. +# Already fixed with updates and closed. +# https://access.redhat.com/security/cve/CVE-2018-2799 +# https://bugzilla.redhat.com/show_bug.cgi?id=1567542 +CVE_CHECK_WHITELIST += "CVE-2018-2799" + S = "${WORKDIR}/xerces-2_11_0" inherit java-library -- 2.17.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92582): https://lists.openembedded.org/g/openembedded-devel/message/92582 Mute This Topic: https://lists.openembedded.org/mt/84813978/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
