package/emlog: annotate CVE-2019-16868 and CVE-2019-17073

CVE-2019-16868 and CVE-2019-17073 are misclassified (by our CVE tracker) as affecting emlog, while in fact it affects http://www.emlog.net. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-29 21:45:48 +01:00 · 2020-02-29 21:45:48 +01:00 · 32d9a95d94
commit 32d9a95d94
parent 23d12793d5
1 changed files with 4 additions and 0 deletions
--- a/package/emlog/emlog.mk
+++ b/package/emlog/emlog.mk
@ -9,6 +9,10 @@ EMLOG_SITE = $(call github,nicupavel,emlog,emlog-$(EMLOG_VERSION))
 EMLOG_LICENSE = GPL-2.0
 EMLOG_LICENSE_FILES = COPYING

+# CVE-2019-16868 and CVE-2019-17073 are misclassified (by our CVE tracker) as
+# affecting emlog, while in fact it affects http://www.emlog.net.
+EMLOG_IGNORE_CVES += CVE-2019-16868 CVE-2019-17073
+
 define EMLOG_BUILD_CMDS
 	$(MAKE) -C $(@D) $(TARGET_CONFIGURE_OPTS) nbcat
 endef