* [Buildroot] [git commit] package/libcoap: ignore CVE-2023-35862
@ 2023-09-22 19:09 Arnout Vandecappelle via buildroot
0 siblings, 0 replies; only message in thread
From: Arnout Vandecappelle via buildroot @ 2023-09-22 19:09 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=20c023a3b1363f914a18652a79f83648af2cf1e6
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
According to a collaborator [0] the affected code isn't in 4.3.1
[0]: https://github.com/obgm/libcoap/issues/1117
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
---
package/libcoap/libcoap.mk | 2 ++
1 file changed, 2 insertions(+)
diff --git a/package/libcoap/libcoap.mk b/package/libcoap/libcoap.mk
index 3773ad293c..94bfc59702 100644
--- a/package/libcoap/libcoap.mk
+++ b/package/libcoap/libcoap.mk
@@ -16,6 +16,8 @@ LIBCOAP_CONF_OPTS = \
LIBCOAP_AUTORECONF = YES
# 0001-Backport-fix-for-CVE-2023-30362.patch
LIBCOAP_IGNORE_CVES += CVE-2023-30362
+# Doesn't affect 4.3.1, see https://github.com/obgm/libcoap/issues/1117
+LIBCOAP_IGNORE_CVES += CVE-2023-35862
ifeq ($(BR2_PACKAGE_GNUTLS),y)
LIBCOAP_DEPENDENCIES += gnutls
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2023-09-22 19:12 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-22 19:09 [Buildroot] [git commit] package/libcoap: ignore CVE-2023-35862 Arnout Vandecappelle via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.