[meta-java,dunfell] jsch: Whitelist CVE-2016-5725

Message ID	20220915101025.16956-1-badganchipv@gmail.com
State	New
Headers	show Return-Path: <badganchipv@gmail.com> ip: 209.85.216.54, mailfrom: badganchipv@gmail.com) From: pawan <badganchipv@gmail.com> To: openembedded-devel@lists.openembedded.org, badganchipv@gmail.com Cc: ranjitsinh.rathod@kpit.com Subject: [meta-java][dunfell][PATCH] jsch: Whitelist CVE-2016-5725 Date: Thu, 15 Sep 2022 15:40:25 +0530 Message-Id: <20220915101025.16956-1-badganchipv@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[meta-java,dunfell] jsch: Whitelist CVE-2016-5725 \| expand [meta-java,dunfell] jsch: Whitelist CVE-2016-5725

Message ID

20220915101025.16956-1-badganchipv@gmail.com

State

New

Headers

From: pawan <badganchipv@gmail.com>
To: openembedded-devel@lists.openembedded.org,
	badganchipv@gmail.com
Cc: ranjitsinh.rathod@kpit.com
Subject: [meta-java][dunfell][PATCH] jsch: Whitelist CVE-2016-5725
Date: Thu, 15 Sep 2022 15:40:25 +0530
Message-Id: <20220915101025.16956-1-badganchipv@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[meta-java,dunfell] jsch: Whitelist CVE-2016-5725 | expand

Commit Message

Pawan Badganchi Sept. 15, 2022, 10:10 a.m. UTC

From: Pawan Badganchi <badganchipv@gmail.com>

Whitelist the CVE because it only affects windows platforms
Link: https://ubuntu.com/security/CVE-2016-5725

Signed-off-by: Pawan Badganchi <badganchipv@gmail.com>
---
 .../0001-jsch-Whitelist-CVE-2016-5725.patch   | 29 +++++++++++++++++++
 recipes-core/jcraft/jsch_0.1.40.bb            |  3 ++
 2 files changed, 32 insertions(+)
 create mode 100644 recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch

Comments

Pawan Badganchi Sept. 20, 2022, 1:56 p.m. UTC | #1

Hello,
Could you please add this patch in dunfell.

diff --git a/recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch b/recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch
new file mode 100644
index 0000000..880440c
--- /dev/null
+++ b/recipes-core/jcraft/0001-jsch-Whitelist-CVE-2016-5725.patch
@@ -0,0 +1,29 @@ 
+From 1ea9958fae5a89b04ed790f45cb4f18075a35d65 Mon Sep 17 00:00:00 2001
+From: Pawan Badganchi <pawan.badganchi@kpit.com>
+Date: Wed, 13 Apr 2022 16:04:32 +0530
+Subject: [PATCH] jsch: Whitelist CVE-2016-5725
+
+Whitelist the CVE because it only affects windows platforms
+Link: https://ubuntu.com/security/CVE-2016-5725
+
+Signed-off-by: Pawan Badganchi<pawan.badganchi@kpit.com>
+---
+ recipes-core/jcraft/jsch_0.1.40.bb | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb
+index a0f70d8..1170095 100644
+--- a/recipes-core/jcraft/jsch_0.1.40.bb
++++ b/recipes-core/jcraft/jsch_0.1.40.bb
+@@ -25,5 +25,8 @@ do_compile() {
+ SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
+ SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"
+ 
++# Whitelist the CVE because it only affects Windows platforms
++CVE_CHECK_WHITELIST += "CVE-2016-5725"
++
+ BBCLASSEXTEND = "native"
+ 
+-- 
+2.17.1
+
diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb
index a0f70d8..1170095 100644
--- a/recipes-core/jcraft/jsch_0.1.40.bb
+++ b/recipes-core/jcraft/jsch_0.1.40.bb
@@ -25,5 +25,8 @@  do_compile() {
 SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
 SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"
 
+# Whitelist the CVE because it only affects Windows platforms
+CVE_CHECK_WHITELIST += "CVE-2016-5725"
+
 BBCLASSEXTEND = "native"

[meta-java,dunfell] jsch: Whitelist CVE-2016-5725

Commit Message

Comments

Patch