diff mbox series

[meta-oe,v2] redis: ignore CVE-2025-21605

Message ID 20251007091115.3908146-1-skandigraun@gmail.com
State Accepted
Headers show
Series [meta-oe,v2] redis: ignore CVE-2025-21605 | expand

Commit Message

Gyorgy Sarvari Oct. 7, 2025, 9:11 a.m. UTC 
The fix has been backported to both redis versions by upstream, and
both versions contain it already.

For 6.2.20 [1] contains the backported fix.

For 7.2.11 [2] contains the backported fix.

[1]: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62
[2]: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-extended/redis/redis_6.2.20.bb | 2 ++
 meta-oe/recipes-extended/redis/redis_7.2.11.bb | 2 ++
 2 files changed, 4 insertions(+)
diff mbox series

Patch

diff --git a/meta-oe/recipes-extended/redis/redis_6.2.20.bb b/meta-oe/recipes-extended/redis/redis_6.2.20.bb
index f2e6175462..175e0a9fc2 100644
--- a/meta-oe/recipes-extended/redis/redis_6.2.20.bb
+++ b/meta-oe/recipes-extended/redis/redis_6.2.20.bb
@@ -20,6 +20,8 @@  SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
 
 SRC_URI[sha256sum] = "7f8b8a7aed53c445a877adf9e3743cdd323518524170135a58c0702f2dba6ef4"
 
+CVE_STATUS[CVE-2025-21605] = "cpe-incorrect: the used version already contains the fix"
+
 inherit update-rc.d systemd useradd
 
 FINAL_LIBS:x86:toolchain-clang = "-latomic"
diff --git a/meta-oe/recipes-extended/redis/redis_7.2.11.bb b/meta-oe/recipes-extended/redis/redis_7.2.11.bb
index 5aea249133..a57ee2d05c 100644
--- a/meta-oe/recipes-extended/redis/redis_7.2.11.bb
+++ b/meta-oe/recipes-extended/redis/redis_7.2.11.bb
@@ -21,6 +21,8 @@  SRC_URI[sha256sum] = "2f9886eca68d30114ad6a01da65631f8007d802fd3e6c9fac711251e63
 
 RPROVIDES:${PN} = "virtual-redis"
 
+CVE_STATUS[CVE-2025-21605] = "cpe-incorrect: the used version already contains the fix"
+
 inherit pkgconfig update-rc.d systemd useradd
 
 FINAL_LIBS:x86:toolchain-clang = "-latomic"