NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/lightning: don't ignore unrelated CVE-2020-7747

Browse Source 
A new CPE ID was assigned by NIST and this whitelist can be
dropped as the package is setup to use the correct CPE (Not
to be confused with the other lightning-* packages which show
up when a free txt search is used to find the CVE.)

This reverts commit 613953f821.

Cc: Paul Cercueil <paul@crapouillou.net>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Matthew Weber <matthew.weber@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit is contained in:
Matthew Weber 2021-10-18 16:40:14 -05:00 committed by Yann E. MORIN
parent fe6767f7cd
commit cbe1b46155
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/lightning/lightning.mk
View File

@ -13,10 +13,6 @@ LIGHTNING_CPE_ID_VENDOR = gnu
# We're patching include/Makefile.am
LIGHTNING_AUTORECONF = YES
# CVE-2020-7747 is for the Javascript lightning-server project, and not for
# GNU Lightning.
LIGHTNING_IGNORE_CVES = CVE-2020-7747
ifeq ($(BR2_PACKAGE_LIGHTNING_DISASSEMBLER),y)
LIGHTNING_DEPENDENCIES += binutils zlib
LIGHTNING_CONF_OPTS += --enable-disassembler