Message ID | 20220718112823.306477-1-davide.gardenal@huawei.com |
---|---|
State | Under Review |
Delegated to: | Armin Kuster |
Headers | show |
Series | [meta-security,kirkstone] sssd: ignore CVE-2018-16838 | expand |
diff --git a/recipes-security/sssd/sssd_2.5.2.bb b/recipes-security/sssd/sssd_2.5.2.bb index 9f1d627..4c75e0a 100644 --- a/recipes-security/sssd/sssd_2.5.2.bb +++ b/recipes-security/sssd/sssd_2.5.2.bb @@ -28,6 +28,10 @@ SRC_URI = "https://github.com/SSSD/sssd/releases/download/${PV}/sssd-${PV}.tar.g SRC_URI[sha256sum] = "5e21b3c7b4a2f1063d0fbdd3216d29886b6eaba153b44fb5961698367f399a0f" +CVE_CHECK_IGNORE += "\ + CVE-2018-16838 \ +" + inherit autotools pkgconfig gettext python3-dir features_check systemd REQUIRED_DISTRO_FEATURES = "pam"
CVE-2018-16838 is patched in our version of sssd but it doesn't have a vulnerable version range in the NVD database, that's why it needs to be ignored. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> --- recipes-security/sssd/sssd_2.5.2.bb | 4 ++++ 1 file changed, 4 insertions(+)