[Buildroot] [2025.02.x, PATCH] package/netsnmp: revert drop stale ignore CVE entries
Thomas Perale
thomas.perale at mind.be
Mon Oct 27 21:37:56 UTC 2025
In commit [1] the package netsnmp was bumped on master to version 5.9.4.
This version included fixes for CVE that were already patched in
buildroot and thus was not picked on the LTS branch.
As a consequence, the commit [2] was made on master which removed the
stale 'IGNORE_CVES' for the patches no longer presents. This commit was
wrongly picked on the LTS branch.
This reverts commit [3] which was included in 2025.02.x to set the
'IGNORE_CVES' back to the state of version 5.9.3.
[1] 1799cfebfd package/netsnmp: bump to version 5.9.4
[2] 4a3eab8341 package/netsnmp: drop stale ignore CVE entries
[3] 3ef8c1d0db package/netsnmp: drop stale ignore CVE entries
Signed-off-by: Thomas Perale <thomas.perale at mind.be>
---
package/netsnmp/netsnmp.mk | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/package/netsnmp/netsnmp.mk b/package/netsnmp/netsnmp.mk
index 7cd31ff209..6575ff1afa 100644
--- a/package/netsnmp/netsnmp.mk
+++ b/package/netsnmp/netsnmp.mk
@@ -11,6 +11,10 @@ NETSNMP_LICENSE = Various BSD-like
NETSNMP_LICENSE_FILES = COPYING
NETSNMP_CPE_ID_VENDOR = net-snmp
NETSNMP_CPE_ID_PRODUCT = $(NETSNMP_CPE_ID_VENDOR)
+# 0001-snmp_agent-disallow-SET-with-NULL-varbind.patch
+NETSNMP_IGNORE_CVES = \
+ CVE-2022-44792 \
+ CVE-2022-44793
NETSNMP_SELINUX_MODULES = snmp
NETSNMP_INSTALL_STAGING = YES
NETSNMP_CONF_ENV = \
--
2.51.0
More information about the buildroot
mailing list