summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavide Gardenal <davidegarde2000@gmail.com>2022-07-15 15:35:15 +0200
committerArmin Kuster <akuster808@gmail.com>2022-07-18 07:02:05 -0700
commit4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128 (patch)
tree116fb57a66033a3c2faae63f8f200f834025b773
parentb7c6c47d4d5ceb4d9c5affa7e86744f0b8c2faf4 (diff)
downloadmeta-openembedded-4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128.tar.gz
freeradius: ignore patched CVEs
CVE-2002-0318 and CVE-2011-4966 are both patched in our version of freeradius. The CPE in the NVD database doesn't reflect correctly the vulnerable versions that's why they are incorrectly picked up. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Diffstat
-rw-r--r--meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb5
1 files changed, 5 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
index 453e514b67..d6477e340e 100644
--- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@@ -38,6 +38,11 @@ raddbdir="${sysconfdir}/${MLPREFIX}raddb"
38 38
39SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a" 39SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"
40 40
41CVE_CHECK_IGNORE = "\
42 CVE-2002-0318 \
43 CVE-2011-4966 \
44"
45
41PARALLEL_MAKE = "" 46PARALLEL_MAKE = ""
42 47
43S = "${WORKDIR}/git" 48S = "${WORKDIR}/git"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-25 22:43:48 +0000