openssh: Whitelist CVE-2021-36368

As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9. Urgency is unimportant as per debian, Hence this CVE is whitelisting. Link: https://security-tracker.debian.org/tracker/CVE-2021-36368 https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 https://docs.ssh-mitm.at/trivialauth.html (From OE-Core rev: 179b862e97d95ef57f8ee847e54a78b5f3f52ee7) Signed-off-by: Pawan Badganchi <badganchipv@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Pawan Badganchi <badganchipv@gmail.com> 2022-06-13 19:18:15 +0530
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-06-22 23:46:32 +0100
commit: 23ed0037b698daa6a9c533db01225da2b52769f6 (patch)
tree: 6e5934c51fec7ac80250d6e883fffbe36a7e784e /meta/recipes-connectivity/openssh
parent: 95cda9d09165412d1345a089a845d3adaf4ff851 (diff)
download: poky-23ed0037b698daa6a9c533db01225da2b52769f6.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
index ddc9ed0b32..eaec26cac0 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
@@ -60,6 +60,13 @@ CVE_CHECK_WHITELIST += "CVE-2008-3844"
 # https://ubuntu.com/security/CVE-2016-20012
 CVE_CHECK_WHITELIST += "CVE-2016-20012"
+# As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9
+# Urgency is unimportant as per debian, Hence this CVE is whitelisting.
+# https://security-tracker.debian.org/tracker/CVE-2021-36368
+# https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2
+# https://docs.ssh-mitm.at/trivialauth.html
+CVE_CHECK_WHITELIST += "CVE-2021-36368"
 PAM_SRC_URI = "file://sshd"
 inherit manpages useradd update-rc.d update-alternatives systemd
author	Pawan Badganchi <badganchipv@gmail.com>	2022-06-13 19:18:15 +0530
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-06-22 23:46:32 +0100
commit	23ed0037b698daa6a9c533db01225da2b52769f6 (patch)
tree	6e5934c51fec7ac80250d6e883fffbe36a7e784e /meta/recipes-connectivity/openssh
parent	95cda9d09165412d1345a089a845d3adaf4ff851 (diff)
download	poky-23ed0037b698daa6a9c533db01225da2b52769f6.tar.gz

diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index ddc9ed0b32..eaec26cac0 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb
@@ -60,6 +60,13 @@ CVE_CHECK_WHITELIST += "CVE-2008-3844"
60	# https://ubuntu.com/security/CVE-2016-20012	60	# https://ubuntu.com/security/CVE-2016-20012
61	CVE_CHECK_WHITELIST += "CVE-2016-20012"	61	CVE_CHECK_WHITELIST += "CVE-2016-20012"
62		62
		63	# As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9
		64	# Urgency is unimportant as per debian, Hence this CVE is whitelisting.
		65	# https://security-tracker.debian.org/tracker/CVE-2021-36368
		66	# https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2
		67	# https://docs.ssh-mitm.at/trivialauth.html
		68	CVE_CHECK_WHITELIST += "CVE-2021-36368"
		69
63	PAM_SRC_URI = "file://sshd"	70	PAM_SRC_URI = "file://sshd"
64		71
65	inherit manpages useradd update-rc.d update-alternatives systemd	72	inherit manpages useradd update-rc.d update-alternatives systemd