diff options
author | Davide Gardenal <davidegarde2000@gmail.com> | 2022-07-04 16:58:36 +0200 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2022-07-05 09:23:04 -0400 |
commit | 1973a0adc6983273db2db0e9be195979e747eddc (patch) | |
tree | d74ec9831fac8b5d0b7c578fce5693b1b6ab8669 /meta-networking | |
parent | 279fce2c87c990c942bcb2b72ea83a67e0d74170 (diff) | |
download | meta-openembedded-1973a0adc6983273db2db0e9be195979e747eddc.tar.gz |
ntp: ignore many CVEs
cve-check is not able to correctly identify many of the patched
CVEs because of the non standard version number. All the ignored
CVEs were manually checked with the NVD database and deemed not
applicable to the current version.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking')
-rw-r--r-- | meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index fe2bd0773..a30f720bb 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | |||
@@ -29,7 +29,31 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g | |||
29 | SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" | 29 | SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" |
30 | 30 | ||
31 | # CVE-2016-9312 is only for windows. | 31 | # CVE-2016-9312 is only for windows. |
32 | CVE_CHECK_IGNORE += "CVE-2016-9312" | 32 | # The other CVEs are not correctly identified because cve-check |
33 | # is not able to check the version correctly (it only checks for 4.2.8 omitting p15 that makes the difference) | ||
34 | CVE_CHECK_IGNORE += "\ | ||
35 | CVE-2016-9312 \ | ||
36 | CVE-2015-5146 \ | ||
37 | CVE-2015-5300 \ | ||
38 | CVE-2015-7975 \ | ||
39 | CVE-2015-7976 \ | ||
40 | CVE-2015-7977 \ | ||
41 | CVE-2015-7978 \ | ||
42 | CVE-2015-7979 \ | ||
43 | CVE-2015-8138 \ | ||
44 | CVE-2015-8139 \ | ||
45 | CVE-2015-8140 \ | ||
46 | CVE-2015-8158 \ | ||
47 | CVE-2016-1547 \ | ||
48 | CVE-2016-2516 \ | ||
49 | CVE-2016-2517 \ | ||
50 | CVE-2016-2519 \ | ||
51 | CVE-2016-7429 \ | ||
52 | CVE-2016-7433 \ | ||
53 | CVE-2016-9310 \ | ||
54 | CVE-2016-9311 \ | ||
55 | " | ||
56 | |||
33 | 57 | ||
34 | inherit autotools update-rc.d useradd systemd pkgconfig | 58 | inherit autotools update-rc.d useradd systemd pkgconfig |
35 | 59 | ||