freeradius: ignore patched CVEs

CVE-2002-0318 and CVE-2011-4966 are both patched in our version of freeradius. The CPE in the NVD database doesn't reflect correctly the vulnerable versions that's why they are incorrectly picked up. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
author: Davide Gardenal <davidegarde2000@gmail.com> 2022-07-15 15:35:15 +0200
committer: Armin Kuster <akuster808@gmail.com> 2022-07-18 07:02:05 -0700
commit: 4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128 (patch)
tree: 116fb57a66033a3c2faae63f8f200f834025b773
parent: b7c6c47d4d5ceb4d9c5affa7e86744f0b8c2faf4 (diff)
download: meta-openembedded-contrib-4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
index 453e514b67..d6477e340e 100644
--- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@@ -38,6 +38,11 @@ raddbdir="${sysconfdir}/${MLPREFIX}raddb"
 
 SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"
 
+CVE_CHECK_IGNORE = "\
+    CVE-2002-0318 \
+    CVE-2011-4966 \
+"
+
 PARALLEL_MAKE = ""
 
 S = "${WORKDIR}/git"
author	Davide Gardenal <davidegarde2000@gmail.com>	2022-07-15 15:35:15 +0200
committer	Armin Kuster <akuster808@gmail.com>	2022-07-18 07:02:05 -0700
commit	4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128 (patch)
tree	116fb57a66033a3c2faae63f8f200f834025b773
parent	b7c6c47d4d5ceb4d9c5affa7e86744f0b8c2faf4 (diff)
download	meta-openembedded-contrib-4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128.tar.gz