openssh: Mark CVE-2023-51767 as wont-fix

(From OE-Core rev: 1b4bada6c003ef743df09283e45953e6d9ea4c5a) (From OE-Core rev: 9376c14f367477a8d02df1331908e3df3bd009b6) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Khem Raj <raj.khem@gmail.com> 2024-09-28 19:42:22 +0200
committer: Steve Sakoman <steve@sakoman.com> 2024-10-11 05:47:38 -0700
commit: ff5c6bd86fa26645ff56a4e6822f2463a223b8f1 (patch)
tree: 8dec399a821f950c3e93bbc56d7f9d189dac7dae /meta
parent: ff0f3fca815318e39156762e9960595287e72bf1 (diff)
download: poky-ff5c6bd86fa26645ff56a4e6822f2463a223b8f1.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
index 3c507cf911..a8ba67e360 100644
--- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
@@ -40,6 +40,7 @@ CVE_STATUS[CVE-2014-9278] = "not-applicable-platform: This CVE is specific to Op
 Red Hat Enterprise Linux 7 and when running in a Kerberos environment"
 CVE_STATUS[CVE-2008-3844] = "not-applicable-platform: Only applies to some distributed RHEL binaries."
+CVE_STATUS[CVE-2023-51767] = "upstream-wontfix: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1."
 PAM_SRC_URI = "file://sshd"
author	Khem Raj <raj.khem@gmail.com>	2024-09-28 19:42:22 +0200
committer	Steve Sakoman <steve@sakoman.com>	2024-10-11 05:47:38 -0700
commit	ff5c6bd86fa26645ff56a4e6822f2463a223b8f1 (patch)
tree	8dec399a821f950c3e93bbc56d7f9d189dac7dae /meta
parent	ff0f3fca815318e39156762e9960595287e72bf1 (diff)
download	poky-ff5c6bd86fa26645ff56a4e6822f2463a223b8f1.tar.gz

diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb index 3c507cf911..a8ba67e360 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
@@ -40,6 +40,7 @@ CVE_STATUS[CVE-2014-9278] = "not-applicable-platform: This CVE is specific to Op
40	Red Hat Enterprise Linux 7 and when running in a Kerberos environment"	40	Red Hat Enterprise Linux 7 and when running in a Kerberos environment"
41		41
42	CVE_STATUS[CVE-2008-3844] = "not-applicable-platform: Only applies to some distributed RHEL binaries."	42	CVE_STATUS[CVE-2008-3844] = "not-applicable-platform: Only applies to some distributed RHEL binaries."
		43	CVE_STATUS[CVE-2023-51767] = "upstream-wontfix: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1."
43		44
44	PAM_SRC_URI = "file://sshd"	45	PAM_SRC_URI = "file://sshd"
45		46