libpng: whitelist CVE-2019-17371

author Ross Burton <ross.burton@intel.com>

Mon, 4 Nov 2019 14:26:52 +0000 (14:26 +0000)

committer Richard Purdie <richard.purdie@linuxfoundation.org>

Tue, 5 Nov 2019 10:36:20 +0000 (10:36 +0000)
author Ross Burton <ross.burton@intel.com>
Mon, 4 Nov 2019 14:26:52 +0000 (14:26 +0000)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Tue, 5 Nov 2019 10:36:20 +0000 (10:36 +0000)
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb

index 66af2f3d60ed93dc645748f12afe0840a7c0a776..2ed87a843747c09917e291528c9eef0b195b04d8 100644 (file)
--- a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
@@ -29,3 +29,6 @@ PACKAGES =+ "${PN}-tools"
  FILES_${PN}-tools = "${bindir}/png-fix-itxt ${bindir}/pngfix ${bindir}/pngcp"
  
  BBCLASSEXTEND = "native nativesdk"
+
+# CVE-2019-17371 is actually a memory leak in gif2png 2.x
+CVE_CHECK_WHITELIST += "CVE-2019-17371"
author	Ross Burton <ross.burton@intel.com>
	Mon, 4 Nov 2019 14:26:52 +0000 (14:26 +0000)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Tue, 5 Nov 2019 10:36:20 +0000 (10:36 +0000)