[Buildroot] [PATCH 1/4] package/freerdp: ignore CVE-2025-4478
Titouan Christophe
titouan.christophe at mind.be
Thu Oct 23 14:05:24 UTC 2025
Signed-off-by: Titouan Christophe <titouan.christophe at mind.be>
---
package/freerdp/freerdp.mk | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/package/freerdp/freerdp.mk b/package/freerdp/freerdp.mk
index 3a1ba61621..391b9a4675 100644
--- a/package/freerdp/freerdp.mk
+++ b/package/freerdp/freerdp.mk
@@ -13,6 +13,10 @@ FREERDP_LICENSE = Apache-2.0
FREERDP_LICENSE_FILES = LICENSE
FREERDP_CPE_ID_VENDOR = freerdp
+# As explained on https://github.com/FreeRDP/FreeRDP/pull/11573#issuecomment-2904160524,
+# the affected code is new with 3.x, was not there on 2.x
+FREERDP_IGNORE_CVES += CVE-2025-4478
+
FREERDP_INSTALL_STAGING = YES
FREERDP_CONF_OPTS = -DWITH_MANPAGES=OFF -Wno-dev -DWITH_GSTREAMER_0_10=OFF
--
2.51.0
More information about the buildroot
mailing list