summaryrefslogtreecommitdiffstats
path: root/meta-networking
diff options
context:
space:
mode:
authorDavide Gardenal <davidegarde2000@gmail.com>2022-07-04 16:58:36 +0200
committerKhem Raj <raj.khem@gmail.com>2022-07-05 09:23:04 -0400
commit1973a0adc6983273db2db0e9be195979e747eddc (patch)
treed74ec9831fac8b5d0b7c578fce5693b1b6ab8669 /meta-networking
parent279fce2c87c990c942bcb2b72ea83a67e0d74170 (diff)
downloadmeta-openembedded-1973a0adc6983273db2db0e9be195979e747eddc.tar.gz
ntp: ignore many CVEs
cve-check is not able to correctly identify many of the patched CVEs because of the non standard version number. All the ignored CVEs were manually checked with the NVD database and deemed not applicable to the current version. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking')
-rw-r--r--meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb26
1 files changed, 25 insertions, 1 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb
index fe2bd0773..a30f720bb 100644
--- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb
+++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb
@@ -29,7 +29,31 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g
29SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" 29SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19"
30 30
31# CVE-2016-9312 is only for windows. 31# CVE-2016-9312 is only for windows.
32CVE_CHECK_IGNORE += "CVE-2016-9312" 32# The other CVEs are not correctly identified because cve-check
33# is not able to check the version correctly (it only checks for 4.2.8 omitting p15 that makes the difference)
34CVE_CHECK_IGNORE += "\
35 CVE-2016-9312 \
36 CVE-2015-5146 \
37 CVE-2015-5300 \
38 CVE-2015-7975 \
39 CVE-2015-7976 \
40 CVE-2015-7977 \
41 CVE-2015-7978 \
42 CVE-2015-7979 \
43 CVE-2015-8138 \
44 CVE-2015-8139 \
45 CVE-2015-8140 \
46 CVE-2015-8158 \
47 CVE-2016-1547 \
48 CVE-2016-2516 \
49 CVE-2016-2517 \
50 CVE-2016-2519 \
51 CVE-2016-7429 \
52 CVE-2016-7433 \
53 CVE-2016-9310 \
54 CVE-2016-9311 \
55"
56
33 57
34inherit autotools update-rc.d useradd systemd pkgconfig 58inherit autotools update-rc.d useradd systemd pkgconfig
35 59