diff options
author | Pawan Badganchi <badganchipv@gmail.com> | 2022-06-13 19:18:15 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-06-22 23:46:32 +0100 |
commit | 23ed0037b698daa6a9c533db01225da2b52769f6 (patch) | |
tree | 6e5934c51fec7ac80250d6e883fffbe36a7e784e /meta/recipes-connectivity/openssh | |
parent | 95cda9d09165412d1345a089a845d3adaf4ff851 (diff) | |
download | poky-23ed0037b698daa6a9c533db01225da2b52769f6.tar.gz |
openssh: Whitelist CVE-2021-36368
As per debian, the issue is fixed by a feature called
"agent restriction" in openssh 8.9.
Urgency is unimportant as per debian, Hence this CVE is whitelisting.
Link:
https://security-tracker.debian.org/tracker/CVE-2021-36368
https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2
https://docs.ssh-mitm.at/trivialauth.html
(From OE-Core rev: 179b862e97d95ef57f8ee847e54a78b5f3f52ee7)
Signed-off-by: Pawan Badganchi <badganchipv@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssh')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index ddc9ed0b32..eaec26cac0 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb | |||
@@ -60,6 +60,13 @@ CVE_CHECK_WHITELIST += "CVE-2008-3844" | |||
60 | # https://ubuntu.com/security/CVE-2016-20012 | 60 | # https://ubuntu.com/security/CVE-2016-20012 |
61 | CVE_CHECK_WHITELIST += "CVE-2016-20012" | 61 | CVE_CHECK_WHITELIST += "CVE-2016-20012" |
62 | 62 | ||
63 | # As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9 | ||
64 | # Urgency is unimportant as per debian, Hence this CVE is whitelisting. | ||
65 | # https://security-tracker.debian.org/tracker/CVE-2021-36368 | ||
66 | # https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 | ||
67 | # https://docs.ssh-mitm.at/trivialauth.html | ||
68 | CVE_CHECK_WHITELIST += "CVE-2021-36368" | ||
69 | |||
63 | PAM_SRC_URI = "file://sshd" | 70 | PAM_SRC_URI = "file://sshd" |
64 | 71 | ||
65 | inherit manpages useradd update-rc.d update-alternatives systemd | 72 | inherit manpages useradd update-rc.d update-alternatives systemd |