[Buildroot] [git commit] package/cmake: remove stale IGNORE_CVES
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Tue Dec 30 10:54:24 UTC 2025
commit: https://git.buildroot.net/buildroot/commit/?id=ac47f65186d775ae98fda7429e007ff59e278c51
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Since Buildroot commit [1] the CVEs are no longer matched to CPEs with
versions using '-'.
These IGNORE_CVES entry introduced in [2] is then no longer matched to
the cmake package.
For more information, see the explanation in commit [1].
[1] 35f376d88e support/scripts/cve.py: fix CPE matching
[2] 5ce1e773b9 package/cmake: ignore CVE-2016-10642
Signed-off-by: Thomas Perale <thomas.perale at mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
---
package/cmake/cmake.mk | 2 --
1 file changed, 2 deletions(-)
diff --git a/package/cmake/cmake.mk b/package/cmake/cmake.mk
index e9752640e5..ef4f6aa98e 100644
--- a/package/cmake/cmake.mk
+++ b/package/cmake/cmake.mk
@@ -11,8 +11,6 @@ CMAKE_SITE = https://cmake.org/files/v$(CMAKE_VERSION_MAJOR)
CMAKE_LICENSE = BSD-3-Clause
CMAKE_LICENSE_FILES = LICENSE.rst
CMAKE_CPE_ID_VALID = YES
-# Tool download MITM attack warning if using npm package to install cmake
-CMAKE_IGNORE_CVES = CVE-2016-10642
# The package is a dependency to ccache so ccache cannot be a dependency
HOST_CMAKE_ADD_CCACHE_DEPENDENCY = NO
More information about the buildroot
mailing list