mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-04-20 11:38:34 +00:00
Code Issues Projects Releases Wiki Activity

libmodbus: ignore CVE-2023-26793 and CVE-2024-34244

Browse Source 
See discussions in closed/rejected issues linked from NVD CVE reports:
* CVE-2023-26793: https://github.com/stephane/libmodbus/issues/683#issuecomment-2615601890
* CVE-2024-34244: https://github.com/stephane/libmodbus/issues/743#issuecomment-2222214256

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Peter Marko
2025-05-06 19:00:44 +02:00
committed by Armin Kuster
parent ef74a629a8
commit bc6cafa570
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
meta-oe/recipes-extended/libmodbus/libmodbus_3.1.10.bb
View File

@@ -21,3 +21,6 @@ inherit autotools pkgconfig
PACKAGECONFIG ??= ""
PACKAGECONFIG[test] = "--enable-tests,--disable-tests,,"
CVE_STATUS[CVE-2023-26793] = "disputed: The buffer overflow concerns unit-test-client and it's intentional."
CVE_STATUS[CVE-2024-34244] = "disputed: This issue is invalid and only found a bug in the fuzzing driver"