diff options
author | Peter Marko <peter.marko@siemens.com> | 2023-03-14 20:49:28 +0100 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-03-16 08:12:34 -0400 |
commit | 5750c2be10a7f843c602c039643083fb5f6bc40a (patch) | |
tree | eb29a330a5149b0508ae42a7d3bcd9ba6dc662c1 | |
parent | 8dbbf8224e27e0cd595698963adcc0c01ba36385 (diff) | |
download | meta-openembedded-5750c2be10a7f843c602c039643083fb5f6bc40a.tar.gz |
ntp: whitelist CVE-2019-11331
Links from https://nvd.nist.gov/vuln/detail/CVE-2019-11331 lead to
conclusion that this is how icurrent ntp protocol is designed.
New RFC is propsed for future but it will not be compatible with current
one.
See https://support.f5.com/csp/article/K09940637
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index 2ae53dc640..c4589c20f5 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb @@ -30,6 +30,7 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" # CVE-2016-9312 is only for windows. +# CVE-2019-11331 is inherent to RFC 5905 and cannot be fixed without breaking compatibility # The other CVEs are not correctly identified because cve-check # is not able to check the version correctly (it only checks for 4.2.8 omitting p15 that makes the difference) CVE_CHECK_IGNORE += "\ @@ -53,6 +54,7 @@ CVE_CHECK_IGNORE += "\ CVE-2016-7433 \ CVE-2016-9310 \ CVE-2016-9311 \ + CVE-2019-11331 \ " |