[Buildroot] [git commit] package/rsyslog: remove stale IGNORE_CVES
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Tue Dec 30 10:54:01 UTC 2025
commit: https://git.buildroot.net/buildroot/commit/?id=1e48fde1cbe62cbb486eaa0ea99d85762ebc74f3
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Since Buildroot commit [1] the CVEs are no longer matched to CPEs with
versions using '-'.
The CVE-2015-3243 is then no longer matched to the rsyslog package.
For more information, see the explanation in commit [1].
[1] 35f376d88e support/scripts/cve.py: fix CPE matching
Signed-off-by: Thomas Perale <thomas.perale at mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
---
package/rsyslog/rsyslog.mk | 4 ----
1 file changed, 4 deletions(-)
diff --git a/package/rsyslog/rsyslog.mk b/package/rsyslog/rsyslog.mk
index 69128afbac..dedecdc572 100644
--- a/package/rsyslog/rsyslog.mk
+++ b/package/rsyslog/rsyslog.mk
@@ -9,10 +9,6 @@ RSYSLOG_SITE = http://rsyslog.com/files/download/rsyslog
RSYSLOG_LICENSE = GPL-3.0, LGPL-3.0, Apache-2.0
RSYSLOG_LICENSE_FILES = COPYING COPYING.LESSER COPYING.ASL20
RSYSLOG_CPE_ID_VENDOR = rsyslog
-# rsyslog uses weak permissions for generating log files.
-# Ignoring this CVE as Buildroot normally doesn't have local users and a build
-# could customize the rsyslog.conf to be more restrictive ($FileCreateMode 0640)
-RSYSLOG_IGNORE_CVES += CVE-2015-3243
RSYSLOG_DEPENDENCIES = zlib libestr liblogging libfastjson host-pkgconf
RSYSLOG_CONF_ENV = ac_cv_prog_cc_c99='-std=c99'
More information about the buildroot
mailing list