From: Pawan Badganchi <badganch...@gmail.com> As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9. Urgency is unimportant as per debian, Hence this CVE is whitelisting. Link: https://security-tracker.debian.org/tracker/CVE-2021-36368 https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 https://docs.ssh-mitm.at/trivialauth.html
Signed-off-by: Pawan Badganchi <badganch...@gmail.com> --- meta/recipes-connectivity/openssh/openssh_8.2p1.bb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index ddc9ed0b32..eaec26cac0 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -60,6 +60,13 @@ CVE_CHECK_WHITELIST += "CVE-2008-3844" # https://ubuntu.com/security/CVE-2016-20012 CVE_CHECK_WHITELIST += "CVE-2016-20012" +# As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9 +# Urgency is unimportant as per debian, Hence this CVE is whitelisting. +# https://security-tracker.debian.org/tracker/CVE-2021-36368 +# https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 +# https://docs.ssh-mitm.at/trivialauth.html +CVE_CHECK_WHITELIST += "CVE-2021-36368" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd -- 2.36.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#166844): https://lists.openembedded.org/g/openembedded-core/message/166844 Mute This Topic: https://lists.openembedded.org/mt/91726776/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
