From 5d6e2e5c987e308827b6254494fd8fdcb6c06bff Mon Sep 17 00:00:00 2001
From: "Guillaume W. Bres" <guillaume.bressaix@gmail.com>
Date: Sat, 18 Jul 2020 10:11:54 +0200
Subject: [PATCH] package/libnids: ignore CVE-2010-0751

This CVE is falsely reported because it was fixed in package version
1.24 (which we are using). Ignore this CVE until the database is
updated.

Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 package/libnids/libnids.mk | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/package/libnids/libnids.mk b/package/libnids/libnids.mk
index 4a67215242..fb3df318b4 100644
--- a/package/libnids/libnids.mk
+++ b/package/libnids/libnids.mk
@@ -12,6 +12,10 @@ LIBNIDS_INSTALL_STAGING = YES
 LIBNIDS_DEPENDENCIES = host-pkgconf libpcap
 LIBNIDS_AUTORECONF = YES
 
+# CVE-2010-0751 was fixed in libnids v1.24 but the NVD database is not
+# aware of the fix, ignore it until this is updated
+LIBNIDS_IGNORE_CVES += CVE-2010-0751
+
 # disable libnet if not available
 # Tests in configure.in expect --with-libnet=$build_dir
 # not an installation patch like in our context.
-- 
2.30.2