summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-11 12:30:39 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-22 10:00:45 +0100
commit416230b7236c391e89d0d7941b2d34b6234f993c (patch)
tree900170c27b499ecb8a36f691b2902cb2bbbfae05
parenta7aba0f1226411f44f316cdced6b2b47621d1d3f (diff)
downloadopenembedded-core-416230b7236c391e89d0d7941b2d34b6234f993c.tar.gz
openssh: Exclude CVE-2008-3844 from cve-check
CVE only applies to some distributed RHEL binaries so irrelavent to us. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/openssh/openssh_8.5p1.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
index 41ac303d38..c6de519884 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
@@ -34,6 +34,9 @@ CVE_CHECK_WHITELIST += "CVE-2007-2768"
# and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded
CVE_CHECK_WHITELIST += "CVE-2014-9278"
+# CVE only applies to some distributed RHEL binaries
+CVE_CHECK_WHITELIST += "CVE-2008-3844"
+
PAM_SRC_URI = "file://sshd"
inherit manpages useradd update-rc.d update-alternatives systemd