From: Ankur Tyagi <[email protected]> Details: https://nvd.nist.gov/vuln/detail/CVE-2024-44070
The PR[1] fixing this CVE was backported[2] to stable/9.1 and commit[3] exists in the current version so we can ignore it. $ git tag --contains 21cd931 | grep frr-9.1.3 frr-9.1.3 [1] https://github.com/FRRouting/frr/pull/16497 [2] https://github.com/FRRouting/frr/pull/16504 [3] https://github.com/FRRouting/frr/commit/21cd931a5f9303e12104c72ce31ca383c0c57514 Signed-off-by: Ankur Tyagi <[email protected]> --- meta-networking/recipes-protocols/frr/frr_9.1.3.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-networking/recipes-protocols/frr/frr_9.1.3.bb b/meta-networking/recipes-protocols/frr/frr_9.1.3.bb index c5f626a35a..f75ce20ab3 100644 --- a/meta-networking/recipes-protocols/frr/frr_9.1.3.bb +++ b/meta-networking/recipes-protocols/frr/frr_9.1.3.bb @@ -135,3 +135,5 @@ USERADD_PARAM:${PN} = "--system --home ${localstatedir}/run/frr/ -M -g frr -G fr FILES:${PN} += "${datadir}/yang" BBCLASSEXTEND = "native" + +CVE_STATUS[CVE-2024-44070] = "fixed-version: The current version (9.1.3) contains the fix."
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123282): https://lists.openembedded.org/g/openembedded-devel/message/123282 Mute This Topic: https://lists.openembedded.org/mt/117172367/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
