MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-10-22 15:03:59 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

redis: ignore CVE-2022-3734 and CVE-2022-0543

Browse Source 
CVE-2022-3734 only affects Windows.
CVE-2022-0543 affects only packages that were packaged for Debian and
Debian-derivative distros.

Neither of these issues is present in upstream Redis.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2025-10-07 11:23:42 +02:00 committed by Khem Raj
parent 17ba274172
commit 8f1269507a
No known key found for this signature in database
GPG Key ID: BB053355919D3314
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta-oe/recipes-extended/redis/redis_6.2.20.bb
View File

@ -21,6 +21,8 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
SRC_URI[sha256sum] = "7f8b8a7aed53c445a877adf9e3743cdd323518524170135a58c0702f2dba6ef4"
CVE_STATUS[CVE-2025-21605] = "cpe-incorrect: the used version already contains the fix"
CVE_STATUS[CVE-2022-0543] = "not-applicable-config: the vulnerability is not present in upstream, only in Debian-packaged version"
CVE_STATUS[CVE-2022-3734] = "not-applicable-config: only affects Windows"
inherit update-rc.d systemd useradd