From: Richard Purdie <[email protected]> CVE only applies to some distributed RHEL binaries so irrelavent to us.
Signed-off-by: Richard Purdie <[email protected]> (cherry picked from commit 5d8b3ddf91050f6745a99a8abb1c3b03c35247af) Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index b429fbe96d..6ed54a8139 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -35,6 +35,9 @@ CVE_CHECK_WHITELIST += "CVE-2007-2768" # and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded CVE_CHECK_WHITELIST += "CVE-2014-9278" +# CVE only applies to some distributed RHEL binaries +CVE_CHECK_WHITELIST += "CVE-2008-3844" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#151955): https://lists.openembedded.org/g/openembedded-core/message/151955 Mute This Topic: https://lists.openembedded.org/mt/82887672/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
