[OE-core] [PATCH] openssh: Mark CVE-2023-51767 as wont-fix

Khem Raj Mon, 19 Aug 2024 14:55:01 -0700

Signed-off-by: Khem Raj <[email protected]>
---
 meta/recipes-connectivity/openssh/openssh_9.8p1.bb | 1 +
 1 file changed, 1 insertion(+)


diff --git a/meta/recipes-connectivity/openssh/openssh_9.8p1.bb 
b/meta/recipes-connectivity/openssh/openssh_9.8p1.bb
index 9554b4783f4..83145dbd185 100644
--- a/meta/recipes-connectivity/openssh/openssh_9.8p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_9.8p1.bb
@@ -37,6 +37,7 @@ CVE_STATUS[CVE-2014-9278] = "not-applicable-platform: This 
CVE is specific to Op
 Red Hat Enterprise Linux 7 and when running in a Kerberos environment"
 
 CVE_STATUS[CVE-2008-3844] = "not-applicable-platform: Only applies to some 
distributed RHEL binaries."
+CVE_STATUS[CVE-2023-51767] = "upstream-wontfix: It was demonstrated on 
modified sshd and does not exist in upstream openssh 
https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1.";
 
 PAM_SRC_URI = "file://sshd"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#203520): 
https://lists.openembedded.org/g/openembedded-core/message/203520
Mute This Topic: https://lists.openembedded.org/mt/107990469/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] openssh: Mark CVE-2023-51767 as wont-fix

Reply via email to