package/bind: ignore CVE-2017-3139

This CVE is only relevant to the configuration of a specific RHEL release (6.x). https://bugzilla.redhat.com/show_bug.cgi?id=1447743 Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 357dd51bbd) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-21 15:42:26 -05:00 · 2021-04-21 15:42:26 -05:00 · 5539ddc0c9
commit 5539ddc0c9
parent 3a88fb0307
1 changed files with 2 additions and 0 deletions
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@ -13,6 +13,8 @@ BIND_CONFIG_SCRIPTS = bind9-config isc-config.sh
 BIND_LICENSE = MPL-2.0
 BIND_LICENSE_FILES = COPYRIGHT
 BIND_CPE_ID_VENDOR = isc
+# Only applies to RHEL6.x with DNSSEC validation on
+BIND_IGNORE_CVES = CVE-2017-3139
 BIND_TARGET_SERVER_SBIN = arpaname ddns-confgen dnssec-checkds dnssec-coverage
 BIND_TARGET_SERVER_SBIN += dnssec-importkey dnssec-keygen dnssec-revoke
 BIND_TARGET_SERVER_SBIN += dnssec-settime dnssec-verify genrandom