[Buildroot] [PATCH 2/4] package/libssh: ignore CVE-2025-5318
Thomas Perale
thomas.perale at mind.be
Thu Oct 30 08:23:52 UTC 2025
In reply of:
> Signed-off-by: Titouan Christophe <titouan.christophe at mind.be>
Applied to 2025.02.x & 2025.08.x. Thanks
> ---
> package/libssh/libssh.mk | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/package/libssh/libssh.mk b/package/libssh/libssh.mk
> index 3c7e77a206..2be9013454 100644
> --- a/package/libssh/libssh.mk
> +++ b/package/libssh/libssh.mk
> @@ -17,6 +17,10 @@ LIBSSH_CONF_OPTS = \
> -DWITH_STACK_PROTECTOR=OFF \
> -DWITH_EXAMPLES=OFF
>
> +# NVD database is missing an upper version specifier.
> +# This vulnerability only affects libssh<0.11.2
> +LIBSSH_IGNORE_CVES = CVE-2025-5318
> +
> ifeq ($(BR2_ARM_INSTRUCTIONS_THUMB),y)
> LIBSSH_CONF_OPTS += -DWITH_STACK_CLASH_PROTECTION=OFF
> endif
> --
> 2.51.0
>
> _______________________________________________
> buildroot mailing list
> buildroot at buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
More information about the buildroot
mailing list