[meta-security][kirkstone][PATCH] sssd: ignore CVE-2018-16838


Davide Gardenal
 

CVE-2018-16838 is patched in our version of sssd but it doesn't have
a vulnerable version range in the NVD database,
that's why it needs to be ignored.

Signed-off-by: Davide Gardenal <davide.gardenal@...>
---
recipes-security/sssd/sssd_2.5.2.bb | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/recipes-security/sssd/sssd_2.5.2.bb b/recipes-security/sssd/sssd_2.5.2.bb
index 9f1d627..4c75e0a 100644
--- a/recipes-security/sssd/sssd_2.5.2.bb
+++ b/recipes-security/sssd/sssd_2.5.2.bb
@@ -28,6 +28,10 @@ SRC_URI = "https://github.com/SSSD/sssd/releases/download/${PV}/sssd-${PV}.tar.g

SRC_URI[sha256sum] = "5e21b3c7b4a2f1063d0fbdd3216d29886b6eaba153b44fb5961698367f399a0f"

+CVE_CHECK_IGNORE += "\
+ CVE-2018-16838 \
+"
+
inherit autotools pkgconfig gettext python3-dir features_check systemd

REQUIRED_DISTRO_FEATURES = "pam"
--
2.34.1