Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/exiv2: annotate CVE-2019-13504

CVE-2019-13504 is misclassified (by our CVE tracker) as affecting
version 0.27.2, while in fact both commits that fixed this issue are
already in this version: bd0afe039043 and 54f0bebca032.

(From: https://security-tracker.debian.org/tracker/CVE-2019-13504)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine 5 years ago
parent
d8be0e4cd4
commit
4815bbc7b0
1 changed files with 5 additions and 0 deletions
Split View Show Diff Stats
  1. 5 0
      package/exiv2/exiv2.mk

+ 5 - 0
package/exiv2/exiv2.mk
View File 

@@ -10,6 +10,11 @@ EXIV2_INSTALL_STAGING = YES
 
 EXIV2_LICENSE = GPL-2.0+, BSD-3-Clause
 
 EXIV2_LICENSE_FILES = COPYING COPYING-CMAKE-SCRIPTS
 
 
+# CVE-2019-13504 is misclassified (by our CVE tracker) as affecting version
 
+# 0.27.2, while in fact both commits that fixed this issue are already in this
 
+# version.
 
+EXIV2_IGNORE_CVES += CVE-2019-13504
 
+
 
 # 0001-crwimage-Check-offset-and-size-against-total-size.patch
 
 EXIV2_IGNORE_CVES += CVE-2019-17402