aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-support
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2023-06-02 11:18:20 +0200
committerKhem Raj <raj.khem@gmail.com>2023-06-04 22:29:45 -0700
commit81c18e0797694d74198a737dac08a3e8f631cac9 (patch)
tree4466662c7344f6fb1c370d4b0e4d481b4d675f80 /meta-oe/recipes-support
parent110f60fff7af288490ac3734685a1422d2724a5c (diff)
downloadmeta-openembedded-contrib-81c18e0797694d74198a737dac08a3e8f631cac9.tar.gz
nss: ignore CVE-2022-3479
Investigation based on https://bugzilla.mozilla.org/show_bug.cgi?id=1774654 leads to following: * fixed in 3.87 (https://hg.mozilla.org/projects/nss/rev/a7f363511333b8062945557607691002fd6e40b9) * changed code was introduced in 3.77 (https://hg.mozilla.org/projects/nss/rev/be6a97823bfe10fa08e17c9584938a2d525a38da) * NVD claims fix in 3.81, but there is no evidence for it in commit history (https://hg.mozilla.org/projects/nss/graph/a7f363511333b8062945557607691002fd6e40b9) * Debian also says for old versions "nss <not-affected> (Vulnerable code not present/was introduced later)" (https://security-tracker.debian.org/tracker/CVE-2022-3479) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support')
-rw-r--r--meta-oe/recipes-support/nss/nss_3.74.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb
index a7048f0fe8..38407a7c42 100644
--- a/meta-oe/recipes-support/nss/nss_3.74.bb
+++ b/meta-oe/recipes-support/nss/nss_3.74.bb
@@ -289,3 +289,6 @@ CVE_CHECK_IGNORE += "CVE-2006-5201"
# CVES CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698 only affect
# the legacy db (libnssdbm), only compiled with --enable-legacy-db.
CVE_CHECK_IGNORE += "CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698"
+
+# vulnerability was introduced in 3.77 and fixed in 3.87
+CVE_CHECK_IGNORE += "CVE-2022-3479"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-21 06:30:44 +0000