* [Buildroot] [PATCH v2 1/1] package/exim: ignore CVE-2020-28017
@ 2022-08-01 15:01 Bernd Kuhls
2022-08-01 15:11 ` Luca Ceresoli via buildroot
2022-08-01 16:51 ` Thomas Petazzoni via buildroot
0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2022-08-01 15:01 UTC (permalink / raw)
To: buildroot; +Cc: Luca Ceresoli
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
v2: fixed wrong CVE number (Luca)
package/exim/exim.mk | 2 ++
1 file changed, 2 insertions(+)
diff --git a/package/exim/exim.mk b/package/exim/exim.mk
index e0fcd83fb0..b99e280f6c 100644
--- a/package/exim/exim.mk
+++ b/package/exim/exim.mk
@@ -10,6 +10,8 @@ EXIM_SITE = https://ftp.exim.org/pub/exim/exim4
EXIM_LICENSE = GPL-2.0+
EXIM_LICENSE_FILES = LICENCE
EXIM_CPE_ID_VENDOR = exim
+# fixed in version 4.94.2
+EXIM_IGNORE_CVES += CVE-2020-28017
EXIM_SELINUX_MODULES = exim mta
EXIM_DEPENDENCIES = host-berkeleydb host-pcre2 pcre2 berkeleydb host-pkgconf
--
2.30.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v2 1/1] package/exim: ignore CVE-2020-28017
2022-08-01 15:01 [Buildroot] [PATCH v2 1/1] package/exim: ignore CVE-2020-28017 Bernd Kuhls
@ 2022-08-01 15:11 ` Luca Ceresoli via buildroot
2022-08-01 16:51 ` Thomas Petazzoni via buildroot
1 sibling, 0 replies; 3+ messages in thread
From: Luca Ceresoli via buildroot @ 2022-08-01 15:11 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
Hi Bernd,
On Mon, 1 Aug 2022 17:01:39 +0200
Bernd Kuhls <bernd.kuhls@t-online.de> wrote:
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
--
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v2 1/1] package/exim: ignore CVE-2020-28017
2022-08-01 15:01 [Buildroot] [PATCH v2 1/1] package/exim: ignore CVE-2020-28017 Bernd Kuhls
2022-08-01 15:11 ` Luca Ceresoli via buildroot
@ 2022-08-01 16:51 ` Thomas Petazzoni via buildroot
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2022-08-01 16:51 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: Luca Ceresoli, buildroot
On Mon, 1 Aug 2022 17:01:39 +0200
Bernd Kuhls <bernd.kuhls@t-online.de> wrote:
> +# fixed in version 4.94.2
> +EXIM_IGNORE_CVES += CVE-2020-28017
Could you please submit a bug to the NIST maintainers so that they
adjust their CVE database accordingly? I already reported some bugs,
and provided you give good information about how the CVE has been fixed
(reference to upstream commit, and indication of which release it is
part of), they are responsive and willing to fix the database.
Thanks!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-08-01 16:51 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-01 15:01 [Buildroot] [PATCH v2 1/1] package/exim: ignore CVE-2020-28017 Bernd Kuhls
2022-08-01 15:11 ` Luca Ceresoli via buildroot
2022-08-01 16:51 ` Thomas Petazzoni via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.