Details: https://nvd.nist.gov/vuln/detail/CVE-2024-42861
The vulnerability report is considered to be bogus and a non-issue (or at least not a security issue) by upstream[1] and by major Linux distros[2][3][4]. [1]: https://lists.nwtime.org/sympa/arc/linuxptp-devel/2024-09/msg00080.html [2]: Ubuntu: https://ubuntu.com/security/CVE-2024-42861 [3]: Debian: https://security-tracker.debian.org/tracker/CVE-2024-42861 [4]: Suse: https://bugzilla.suse.com/show_bug.cgi?id=1230935 Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb b/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb index 9c8e649b1a..ed6717d949 100644 --- a/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb +++ b/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb @@ -30,3 +30,6 @@ PACKAGES =+ "${PN}-configs" FILES:${PN}-configs = "${docdir}" FILES:${PN}-doc = "${mandir}" + +# disputed: Considered to be bogus by upstream and major distros +CVE_CHECK_IGNORE += "CVE-2024-42861"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#121747): https://lists.openembedded.org/g/openembedded-devel/message/121747 Mute This Topic: https://lists.openembedded.org/mt/116311541/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
