package/ipsec-tools: annotate _IGNORE_CVES for the included security patches

author Peter Korsgaard <peter@korsgaard.com>

Wed, 19 Feb 2020 16:02:02 +0000 (17:02 +0100)

committer Peter Korsgaard <peter@korsgaard.com>

Thu, 20 Feb 2020 12:16:58 +0000 (13:16 +0100)
author Peter Korsgaard <peter@korsgaard.com>
Wed, 19 Feb 2020 16:02:02 +0000 (17:02 +0100)
committer Peter Korsgaard <peter@korsgaard.com>
Thu, 20 Feb 2020 12:16:58 +0000 (13:16 +0100)
diff --git a/package/ipsec-tools/ipsec-tools.mk b/package/ipsec-tools/ipsec-tools.mk

index 634d7526615120a9323ef4f450158d21067fe21b..72bd8c196c2da98459be40e883d456ef9cb41f1c 100644 (file)
--- a/package/ipsec-tools/ipsec-tools.mk
+++ b/package/ipsec-tools/ipsec-tools.mk
@@ -15,6 +15,11 @@ IPSEC_TOOLS_DEPENDENCIES = openssl flex host-pkgconf host-flex host-bison
  # we patch configure.ac
  IPSEC_TOOLS_AUTORECONF = YES
  
+# 0004-CVE-2015-4047.patch
+IPSEC_TOOLS_IGNORE_CVES += CVE-2015-4047
+# 0005-CVE-2016-10396.patch
+IPSEC_TOOLS_IGNORE_CVES += CVE-2016-10396
+
  # configure hardcodes -Werror, so override CFLAGS on make invocation
  IPSEC_TOOLS_MAKE_OPTS = CFLAGS='$(TARGET_CFLAGS)'
author	Peter Korsgaard <peter@korsgaard.com>
	Wed, 19 Feb 2020 16:02:02 +0000 (17:02 +0100)
committer	Peter Korsgaard <peter@korsgaard.com>
	Thu, 20 Feb 2020 12:16:58 +0000 (13:16 +0100)