[meta-oe,styhead,16/24] monkey: ignore CVE-2013-1771

Message ID	20250105232358.1502946-16-akuster808@gmail.com
State	New
Headers	show Return-Path: <akuster808@gmail.com> ip: 209.85.219.181, mailfrom: akuster808@gmail.com) From: Armin Kuster <akuster808@gmail.com> To: openembedded-devel@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com>, Khem Raj <raj.khem@gmail.com> Subject: [meta-oe][styhead][PATCH 16/24] monkey: ignore CVE-2013-1771 Date: Sun, 5 Jan 2025 18:23:49 -0500 Message-ID: <20250105232358.1502946-16-akuster808@gmail.com> In-Reply-To: <20250105232358.1502946-1-akuster808@gmail.com> References: <20250105232358.1502946-1-akuster808@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[meta-oe,styhead,01/24] abseil-cpp: Do not leak -Wnon-virtual-dtor into the .pc files \| expand [meta-oe,styhead,01/24] abseil-cpp: Do not leak -Wnon-virtual-dtor into the .pc files [meta-oe,styhead,02/24] mariadb: Fix build with clang-20/trunk [meta-oe,styhead,03/24] mariadb: Ensure compatibility with ARMv9 by updating .arch directive [meta-oe,styhead,04/24] proftpd: set status of CVE-2001-0027 [meta-oe,styhead,05/24] wireshark: use inherit_defer for conditional cases [meta-oe,styhead,06/24] ntfs-3g-ntfsprogs: fix CVE-2023-52890 [meta-oe,styhead,07/24] dash: set CVE_PRODUCT [meta-oe,styhead,09/24] bridge-utils: add CVE_PRODUCT [meta-oe,styhead,10/24] ace: ignore CVE-2009-1147 [meta-oe,styhead,11/24] nginx: Upgrade mainline release version 1.27.1 -> 1.27.3 [meta-oe,styhead,12/24] apache2: ignore CVE-1999-0678 and CVE-1999-1412 [meta-oe,styhead,13/24] apache2: remove old version references from CVEs [meta-oe,styhead,14/24] spice: ignore CVE-2016-0749 [meta-oe,styhead,15/24] gattlib: mark CVE-2019-6498 as fixed [meta-oe,styhead,16/24] monkey: ignore CVE-2013-1771 [meta-oe,styhead,17/24] redis: ignore CVE-2022-0543 [meta-oe,styhead,18/24] spice-gtk: mark CVE-2012-4425 as fixed [meta-oe,styhead,19/24] apache2: ignore disputed CVE CVE-2007-0086 [meta-oe,styhead,20/24] memcached: ignore disputed CVE-2022-26635 [meta-oe,styhead,21/24] emlog: set CVE_PRODUCT [meta-oe,styhead,22/24] postgresql: upgrade 16.4 -> 16.5 [meta-oe,styhead,23/24] php: upgrade 8.2.20 -> 8.2.26 [meta-oe,styhead,24/24] wireshark: upgrade 4.2.8 -> 4.2.9

Message ID

20250105232358.1502946-16-akuster808@gmail.com

State

New

Headers

From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>,
	Khem Raj <raj.khem@gmail.com>
Subject: [meta-oe][styhead][PATCH 16/24] monkey: ignore CVE-2013-1771
Date: Sun,  5 Jan 2025 18:23:49 -0500
Message-ID: <20250105232358.1502946-16-akuster808@gmail.com>
In-Reply-To: <20250105232358.1502946-1-akuster808@gmail.com>
References: <20250105232358.1502946-1-akuster808@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[meta-oe,styhead,01/24] abseil-cpp: Do not leak -Wnon-virtual-dtor into the .pc files | expand

Commit Message

akuster808 Jan. 5, 2025, 11:23 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

This is gentoo specific CVE.
NVD tracks this as version-less CVE.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 36a7e409d8dcee804f911174291a0c72b8037934)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb b/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
index f10262366a..a11af8129a 100644
--- a/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
+++ b/meta-webserver/recipes-httpd/monkey/monkey_1.6.9.bb
@@ -91,3 +91,4 @@  CONFFILES:${PN} = "${sysconfdir}/monkey/monkey.conf \
                    "
 
 CVE_STATUS[CVE-2013-2183] = "cpe-incorrect: Current version (1.6.9) is not affected. Issue was addressed in version 1.3.0"
+CVE_STATUS[CVE-2013-1771] = "not-applicable-platform: this is gentoo specific CVE"

[meta-oe,styhead,16/24] monkey: ignore CVE-2013-1771

Commit Message

Patch