mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

apache2: ignore CVE-2025-3891

Browse Source 
The vulnerability was reported against mod_auth_openidc, which module
is a 3rd party one, and not part of the apache2 source distribution.

The affected module is not part of the meta-oe universe currently,
so ignore the CVE.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Gyorgy Sarvari
2025-10-14 15:59:08 +02:00
parent 8d733ee01b
commit df0b60ad51
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-webserver/recipes-httpd/apache2/apache2_2.4.65.bb
+2
View File
@@ -55,6 +55,8 @@ CVE_CHECK_IGNORE += "CVE-2007-6421 CVE-2007-6422"
CVE_CHECK_IGNORE += "CVE-2007-6423"
# cpe-incorrect: The current version is not affected by the CVE which affects versions up to 2.2.6 (excl.)
CVE_CHECK_IGNORE += "CVE-2008-2168"
# cpe-incorrect: The CVE is for a 3rd party module, which is not part of the Apache source distribution
CVE_CHECK_IGNORE += "CVE-2025-3891"
SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice"