quagga: ignore CVE-2021-44038 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-02-27 13:03:21 +0100
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2026-02-27 14:28:50 +0100
commit	b3c43cc0968f049337944ced52f764c502fd5fb4 (patch)
tree	538453ab45c9e80b5904b6e15f21b69b5525a000 /meta-python/recipes-devtools/python
parent	3054edf8bb7e02a6fb6c7b20a71b6a80d6771fdd (diff)
download	meta-openembedded-b3c43cc0968f049337944ced52f764c502fd5fb4.tar.gz

quagga: ignore CVE-2021-44038

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-44038 The main point of the vulnerability is that the application comes with its own systemd unit files, which execute chmod and chown commands upon start on some files. So when the services are restarted (e.g. after an update), these unit files can be tricked to change the permissions on a malicious file. However OE does not use these unit files - the recipe comes with its own custom unit files, and chown/chmod isn't used at all. Due to this, ignore this vulnerability. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: