NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/libcurl: ignore CVE-2024-32928

Browse Source 
This vulnerability only affects libcurl deployments in Nest products
because of incorrect use.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7e739d49b235c1692edbb51dcc23671eaa79fd4f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Baruch Siach 2024-10-21 14:54:17 +03:00 committed by Peter Korsgaard
parent 5dc99e10e1
commit f0d7171ad9
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libcurl/libcurl.mk
View File

@ -32,6 +32,10 @@ LIBCURL_CONF_OPTS = \
--disable-ldap \
--disable-ldaps
# Only affects Nest products.
# https://nvd.nist.gov/vuln/detail/CVE-2024-32928
LIBCURL_IGNORE_CVES += CVE-2024-32928
ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
LIBCURL_CONF_OPTS += --enable-threaded-resolver
else