projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bf66772)
package/avahi: ignore CVE-2021-26720
authorPeter Korsgaard <peter@korsgaard.com>
Wed, 7 Apr 2021 13:54:23 +0000 (15:54 +0200)
committerArnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Wed, 7 Apr 2021 18:41:14 +0000 (20:41 +0200)
CVE-2021-26720 is an issue in avahi-daemon-check-dns.sh, which is part of
the Debian packaging and not part of upstream avahi - So ignore the CVE.

https://security-tracker.debian.org/tracker/CVE-2021-26720

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
package/avahi/avahi.mk patch | blob | history

diff --git a/package/avahi/avahi.mk b/package/avahi/avahi.mk
index e2b27328cdf07bdbbbf0b123310e12bfa0fafe62..b71fc189a03dd8015794f89e07d502916b6e88fd 100644 (file)
--- a/package/avahi/avahi.mk
+++ b/package/avahi/avahi.mk
@@ -11,6 +11,10 @@ AVAHI_LICENSE_FILES = LICENSE
 AVAHI_CPE_ID_VENDOR = avahi
 AVAHI_INSTALL_STAGING = YES
 
+# CVE-2021-26720 is an issue in avahi-daemon-check-dns.sh, which is
+# part of the Debian packaging and not part of upstream avahi
+AVAHI_IGNORE_CVES += CVE-2021-26720
+
 AVAHI_CONF_ENV = \
        avahi_cv_sys_cxx_works=yes \
        DATADIRNAME=share