summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavide Gardenal <davidegarde2000@gmail.com>2022-07-15 15:35:15 +0200
committerKhem Raj <raj.khem@gmail.com>2022-07-15 12:48:34 -0400
commit5dfcb2603dd810251e8a9a4071cbf9255e73ca20 (patch)
tree260534124f8278033bc67497063e06c1a7566d9b
parent0f048c4c46fd4b377b7aacc236a23249ae05fdaa (diff)
downloadmeta-openembedded-5dfcb2603dd810251e8a9a4071cbf9255e73ca20.tar.gz
freeradius: ignore patched CVEs
CVE-2002-0318 and CVE-2011-4966 are both patched in our version of freeradius. The CPE in the NVD database doesn't reflect correctly the vulnerable versions that's why they are incorrectly picked up. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat
-rw-r--r--meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb5
1 files changed, 5 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
index 453e514b67..d6477e340e 100644
--- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@@ -38,6 +38,11 @@ raddbdir="${sysconfdir}/${MLPREFIX}raddb"
38 38
39SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a" 39SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"
40 40
41CVE_CHECK_IGNORE = "\
42 CVE-2002-0318 \
43 CVE-2011-4966 \
44"
45
41PARALLEL_MAKE = "" 46PARALLEL_MAKE = ""
42 47
43S = "${WORKDIR}/git" 48S = "${WORKDIR}/git"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-05-08 17:46:34 +0000