[Buildroot] [PATCH 1/1] package/ed: annotate CVE-2015-2987

Fabrice Fontaine fontaine.fabrice at gmail.com
Sun Mar 1 19:46:37 UTC 2020


CVE-2015-2987 is misclassified (by our CVE tracker) as affecting ed,
while in fact it affects Type74 ED (http://type74.org/edman5-1.php).

Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
 package/ed/ed.mk | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/package/ed/ed.mk b/package/ed/ed.mk
index 6ef8f951cf..271297f60a 100644
--- a/package/ed/ed.mk
+++ b/package/ed/ed.mk
@@ -10,6 +10,10 @@ ED_SOURCE = ed-$(ED_VERSION).tar.lz
 ED_LICENSE = GPL-3.0+
 ED_LICENSE_FILES = COPYING
 
+# CVE-2015-2987 is misclassified (by our CVE tracker) as affecting ed, while in
+# fact it affects Type74 ED (http://type74.org/edman5-1.php).
+ED_IGNORE_CVES += CVE-2015-2987
+
 define ED_CONFIGURE_CMDS
 	(cd $(@D); \
 		$(TARGET_MAKE_ENV) ./configure \
-- 
2.25.0



More information about the buildroot mailing list