From: Ross Burton <ross.burton@arm.com>
Date: Fri, 23 Jun 2023 12:32:48 +0000 (+0100)
Subject: ghostscript: remove CVE_CHECK_IGNORE for CVE-2013-6629
X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~464
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=da6d0763a7fb9c7a322bf5964f8abdf6bed7e219;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

ghostscript: remove CVE_CHECK_IGNORE for CVE-2013-6629

This CVE now has a version range, indicating that this Ghostscript
release isn't vulnerable.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-extended/ghostscript/ghostscript_10.01.1.bb b/meta/recipes-extended/ghostscript/ghostscript_10.01.1.bb
index f03ebf44789..0d41242bc2c 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_10.01.1.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_10.01.1.bb
@@ -18,9 +18,6 @@ DEPENDS = "tiff jpeg fontconfig cups libpng freetype zlib"
 UPSTREAM_CHECK_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases"
 UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
 
-# We use a system libjpeg-turbo which has this fix
-CVE_CHECK_IGNORE += "CVE-2013-6629"
-
 def gs_verdir(v):
     return "".join(v.split("."))