[Buildroot] [PATCH 05/15] package/rsyslog: remove stale IGNORE_CVES
Thomas Perale
thomas.perale at mind.be
Mon Dec 29 21:21:38 UTC 2025
Since Buildroot commit [1] the CVEs are no longer matched to CPEs with
versions using '-'.
The CVE-2015-3243 is then no longer matched to the rsyslog package.
For more information, see the explanation in commit [1].
[1] 35f376d88e support/scripts/cve.py: fix CPE matching
Signed-off-by: Thomas Perale <thomas.perale at mind.be>
---
package/rsyslog/rsyslog.mk | 4 ----
1 file changed, 4 deletions(-)
diff --git a/package/rsyslog/rsyslog.mk b/package/rsyslog/rsyslog.mk
index 69128afbac..dedecdc572 100644
--- a/package/rsyslog/rsyslog.mk
+++ b/package/rsyslog/rsyslog.mk
@@ -9,10 +9,6 @@ RSYSLOG_SITE = http://rsyslog.com/files/download/rsyslog
RSYSLOG_LICENSE = GPL-3.0, LGPL-3.0, Apache-2.0
RSYSLOG_LICENSE_FILES = COPYING COPYING.LESSER COPYING.ASL20
RSYSLOG_CPE_ID_VENDOR = rsyslog
-# rsyslog uses weak permissions for generating log files.
-# Ignoring this CVE as Buildroot normally doesn't have local users and a build
-# could customize the rsyslog.conf to be more restrictive ($FileCreateMode 0640)
-RSYSLOG_IGNORE_CVES += CVE-2015-3243
RSYSLOG_DEPENDENCIES = zlib libestr liblogging libfastjson host-pkgconf
RSYSLOG_CONF_ENV = ac_cv_prog_cc_c99='-std=c99'
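Review bot: The removed comment above `RSYSLOG_IGNORE_CVES += CVE-2015-3243` was the only place in this file that recorded the weak log-file permissions and the `$FileCreateMode 0640` mitigation. The commit message justifies the removal by the CPE matching change in [1], not by the permission behaviour having changed. Consider stating in the commit message that CVE-2015-3243 no longer shows up for rsyslog in the CVE report after [1], so the entry is demonstrably stale. If the hardening hint is still useful to integrators, a one-line comment could be kept in this file without the ignore entry.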
--
2.52.0