NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/mpd: ignore CVE-2020-746[56] intended for FreeBSD PPP daemon

Browse Source 
cpe:2.3🅰️mpd_project:mpd:*:*:*:*:*:*:*:* is not a valid CPE
identifier for mpd (musicpd.org); this string refers to
MPD /FreeBSD PPP daemon (sourceforge.net/projects/mpd)

Since mpd does not have entries in the CVE database, put these
two CVE identifiers on the mpd ignore list:

  https://nvd.nist.gov/vuln/detail/CVE-2020-7465
  https://nvd.nist.gov/vuln/detail/CVE-2020-7466

Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 210e6bd559)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Andreas Ziegler 2022-02-03 10:47:46 +01:00 committed by Peter Korsgaard
parent 0cc9eed5d4
commit 8ab26921c2
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/mpd/mpd.mk
View File

@ -11,6 +11,8 @@ MPD_SITE = http://www.musicpd.org/download/mpd/$(MPD_VERSION_MAJOR)
MPD_DEPENDENCIES = host-pkgconf boost
MPD_LICENSE = GPL-2.0+
MPD_LICENSE_FILES = COPYING
# these refer to the FreeBSD PPP daemon
MPD_IGNORE_CVES = CVE-2020-7465 CVE-2020-7466
MPD_SELINUX_MODULES = mpd
MPD_CONF_OPTS = \
-Daudiofile=disabled \