diff mbox series

[4/8] bind: set status for CVE-2017-3139

Message ID 20260426120253.825060-4-peter.marko@siemens.com
State Under Review
Headers show
Series [1/8] harfbuzz: set status for CVE-2024-56732 | expand

Commit Message

Peter Marko April 26, 2026, 12:02 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

NVD [1] has only redhat cpes.
Debian [2] says RHEL6 specific.
cvelistV5 [3] has unparseable (so assumes affected):
  "version": "shipped in Red Hat Enterprise Linux 6"

[1] https://nvd.nist.gov/vuln/detail/CVE-2017-3139
[2] https://security-tracker.debian.org/tracker/CVE-2017-3139
[3] https://github.com/CVEProject/cvelistV5/blob/main/cves/2017/3xxx/CVE-2017-3139.json

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-connectivity/bind/bind_9.20.22.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/bind/bind_9.20.22.bb b/meta/recipes-connectivity/bind/bind_9.20.22.bb
index c459cf28c9..318412a62c 100644
--- a/meta/recipes-connectivity/bind/bind_9.20.22.bb
+++ b/meta/recipes-connectivity/bind/bind_9.20.22.bb
@@ -108,3 +108,5 @@  FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so"
 FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so"
 
 DEV_PKG_DEPENDENCY = ""
+
+CVE_STATUS[CVE-2017-3139] = "not-applicable-platform: RedHat specific issue"