[Buildroot] [PATCH] package/sysstat: drop CVE-2022-39377 from IGNORE_CVES
Daniel Lang
dalang at gmx.at
Thu Sep 21 04:15:18 UTC 2023
As off 2022-11-22 CVE-2022-39377 is listed as affecting sysstat
< 2.16.1 instead of < 2.17.1.
Signed-off-by: Daniel Lang <dalang at gmx.at>
---
package/sysstat/sysstat.mk | 3 ---
1 file changed, 3 deletions(-)
diff --git a/package/sysstat/sysstat.mk b/package/sysstat/sysstat.mk
index eaf505dc49..377396d986 100644
--- a/package/sysstat/sysstat.mk
+++ b/package/sysstat/sysstat.mk
@@ -14,9 +14,6 @@ SYSSTAT_LICENSE_FILES = COPYING
SYSSTAT_CPE_ID_VENDOR = sysstat_project
SYSSTAT_SELINUX_MODULES = sysstat
-# NVD is not up-to-date; 12.6.1 includes c1e631eddc50, which fixes the issue
-SYSSTAT_IGNORE_CVES += CVE-2022-39377
-
ifeq ($(BR2_PACKAGE_LM_SENSORS),y)
SYSSTAT_DEPENDENCIES += lm-sensors
SYSSTAT_CONF_OPTS += --enable-sensors
--
2.42.0
More information about the buildroot
mailing list