[Buildroot] [PATCH/stable] package/putty: Ignore CVE-2021-33500
Alexander Dahl
post at lespocky.de
Tue Jun 8 05:09:22 UTC 2021
Hello everyone,
since I get autobuilder warning mails every Monday for CVE-2021-33500
now, I kindly wanted to ask, if this is the right approach?
That CVE only affects Windows, master has putty 0.75 which has that
fixed already. So I thought it would not be necessary to backport 0.75
to the stable branch(es), but ignore that CVE in stable branches only?
Greets
Alex
On Tue, Jun 01, 2021 at 09:03:16AM +0200, Alexander Dahl wrote:
> Since putty is only affected by this CVE on Windows, ignore it in the
> stable branch. Branch master is not affected anymore already, due to
> newer version which got fixed.
>
> Signed-off-by: Alexander Dahl <post at lespocky.de>
> ---
> package/putty/putty.mk | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/package/putty/putty.mk b/package/putty/putty.mk
> index c40cac9dc5..8a494d4e54 100644
> --- a/package/putty/putty.mk
> +++ b/package/putty/putty.mk
> @@ -12,6 +12,9 @@ PUTTY_CPE_ID_VENDOR = putty
> PUTTY_CONF_OPTS = --disable-gtktest
> PUTTY_CONF_ENV = CFLAGS="$(TARGET_CFLAGS) -Wno-error"
>
> +# Windows only, fixed for Windows with 0.75
> +PUTTY_IGNORE_CVES += CVE-2021-33500
> +
> ifeq ($(BR2_PACKAGE_LIBGTK2),y)
> PUTTY_CONF_OPTS += --with-gtk=2
> PUTTY_DEPENDENCIES += libgtk2
>
> base-commit: 677b20cf240d099e1bfc1d50e54730083618d24f
> --
> 2.20.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
--
/"\ ASCII RIBBON | »With the first link, the chain is forged. The first
\ / CAMPAIGN | speech censured, the first thought forbidden, the
X AGAINST | first freedom denied, chains us all irrevocably.«
/ \ HTML MAIL | (Jean-Luc Picard, quoting Judge Aaron Satie)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20210608/0e331e5a/attachment-0002.asc>
More information about the buildroot
mailing list