diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-10-07 21:49:33 +0200 |
|---|---|---|
| committer | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-10-13 09:21:31 +0200 |
| commit | f7868477436ae605b46ac4954e0b36f5e7d99903 (patch) | |
| tree | baf8fb6b6f08d5a1bcb9c6d3a43e49eb0026d69f | |
| parent | f7c6bcc1ce53e4beab71a559b7eeb72a65b47ecd (diff) | |
| download | meta-openembedded-f7868477436ae605b46ac4954e0b36f5e7d99903.tar.gz | |
redis: ignore CVE-2025-21605
The vulnerability has been fixed in the used versions already,
upstream has backported it.
6.2.18: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62
7.2.8: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
| -rw-r--r-- | meta-oe/recipes-extended/redis/redis_6.2.18.bb | 2 | ||||
| -rw-r--r-- | meta-oe/recipes-extended/redis/redis_7.2.8.bb | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/redis/redis_6.2.18.bb b/meta-oe/recipes-extended/redis/redis_6.2.18.bb index 171c6640f2..13344beae4 100644 --- a/meta-oe/recipes-extended/redis/redis_6.2.18.bb +++ b/meta-oe/recipes-extended/redis/redis_6.2.18.bb | |||
| @@ -65,3 +65,5 @@ INITSCRIPT_NAME = "redis-server" | |||
| 65 | INITSCRIPT_PARAMS = "defaults 87" | 65 | INITSCRIPT_PARAMS = "defaults 87" |
| 66 | 66 | ||
| 67 | SYSTEMD_SERVICE:${PN} = "redis.service" | 67 | SYSTEMD_SERVICE:${PN} = "redis.service" |
| 68 | |||
| 69 | CVE_STATUS[CVE-2025-21605] = "fixed-version: The backported fix by upstream is included in the used version" | ||
diff --git a/meta-oe/recipes-extended/redis/redis_7.2.8.bb b/meta-oe/recipes-extended/redis/redis_7.2.8.bb index 3c4d84085b..38d8e5ffe9 100644 --- a/meta-oe/recipes-extended/redis/redis_7.2.8.bb +++ b/meta-oe/recipes-extended/redis/redis_7.2.8.bb | |||
| @@ -74,3 +74,4 @@ SYSTEMD_SERVICE:${PN} = "redis.service" | |||
| 74 | 74 | ||
| 75 | CVE_STATUS[CVE-2022-3734] = "not-applicable-platform: CVE only applies for Windows." | 75 | CVE_STATUS[CVE-2022-3734] = "not-applicable-platform: CVE only applies for Windows." |
| 76 | CVE_STATUS[CVE-2022-0543] = "not-applicable-platform: Debian-specific CVE" | 76 | CVE_STATUS[CVE-2022-0543] = "not-applicable-platform: Debian-specific CVE" |
| 77 | CVE_STATUS[CVE-2025-21605] = "fixed-version: The backported fix by upstream is included in the used version" | ||
