diff options
| author | Peter Marko <peter.marko@siemens.com> | 2024-02-04 21:00:25 +0100 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2024-02-04 13:24:40 -0800 |
| commit | 8371516578c0bfbd80a1e4e94be846b2daf56d37 (patch) | |
| tree | fdd96f8c202ae04ac0f80d99bc7096f2bde6df24 | |
| parent | 3c6b9945629df7322c80b84e74369f925ac90237 (diff) | |
| download | meta-openembedded-8371516578c0bfbd80a1e4e94be846b2daf56d37.tar.gz | |
syslog-ng: ignore CVE-2022-38725
This CVE is fixed in 3.38.1, however cve-check indicates it as
not fixed because there is also cpe for premium version.
There is currently no method to filter this away in cve-check.
Relevant CPEs:
cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:-:*:*:* < 3.38.1
cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-oe/recipes-support/syslog-ng/syslog-ng_4.0.1.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/syslog-ng/syslog-ng_4.0.1.bb b/meta-oe/recipes-support/syslog-ng/syslog-ng_4.0.1.bb index 650c7bd5f..77a5e67a4 100644 --- a/meta-oe/recipes-support/syslog-ng/syslog-ng_4.0.1.bb +++ b/meta-oe/recipes-support/syslog-ng/syslog-ng_4.0.1.bb | |||
| @@ -30,6 +30,8 @@ SRC_URI[sha256sum] = "c16eafe447191c079f471846182876b7919d3d789af8c1f9fe55ab1452 | |||
| 30 | 30 | ||
| 31 | UPSTREAM_CHECK_URI = "https://github.com/balabit/syslog-ng/releases" | 31 | UPSTREAM_CHECK_URI = "https://github.com/balabit/syslog-ng/releases" |
| 32 | 32 | ||
| 33 | CVE_STATUS[CVE-2022-38725] = "cpe-incorrect: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32" | ||
| 34 | |||
| 33 | inherit autotools gettext systemd pkgconfig update-rc.d multilib_header | 35 | inherit autotools gettext systemd pkgconfig update-rc.d multilib_header |
| 34 | 36 | ||
| 35 | EXTRA_OECONF = " \ | 37 | EXTRA_OECONF = " \ |