[Buildroot] [git commit] package/tpm2-tss: ignore CVE-2023-22745
Julien Olivain
ju.o at free.fr
Thu Oct 23 20:00:38 UTC 2025
commit: https://git.buildroot.net/buildroot/commit/?id=6144b0f4b73bea810809f09d23bbe76b4979bc13
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Signed-off-by: Titouan Christophe <titouan.christophe at mind.be>
Signed-off-by: Julien Olivain <ju.o at free.fr>
---
package/tpm2-tss/tpm2-tss.mk | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/package/tpm2-tss/tpm2-tss.mk b/package/tpm2-tss/tpm2-tss.mk
index e1f65c384d..81a1a0e59b 100644
--- a/package/tpm2-tss/tpm2-tss.mk
+++ b/package/tpm2-tss/tpm2-tss.mk
@@ -16,6 +16,10 @@ TPM2_TSS_DEPENDENCIES = openssl host-pkgconf
# 0001-configure-Only-use-CXX-when-fuzzing.patch
TPM2_TSS_AUTORECONF = YES
+# Fixed in upstream commit
+# https://github.com/tpm2-software/tpm2-tss/commit/7ab42953216adec046d000a5e3085f3ee5e9cabf
+TPM2_TSS_IGNORE_CVES += CVE-2023-22745
+
# systemd-sysusers and systemd-tmpfiles are only used at install time
# to trigger the creation of users and tmpfiles, which we do not care
# about at build time. groupadd, useradd, and setfacl are used in the
More information about the buildroot
mailing list