redis: ignore CVE-2025-21605

The vulnerability has been fixed in the used versions already,
upstream has backported it.

6.2.18: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62
7.2.8: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Gyorgy Sarvari
2025-10-07 21:49:33 +02:00
parent f7c6bcc1ce
commit f786847743
2 changed files with 3 additions and 0 deletions
@@ -65,3 +65,5 @@ INITSCRIPT_NAME = "redis-server"
INITSCRIPT_PARAMS = "defaults 87"
SYSTEMD_SERVICE:${PN} = "redis.service"
CVE_STATUS[CVE-2025-21605] = "fixed-version: The backported fix by upstream is included in the used version"
@@ -74,3 +74,4 @@ SYSTEMD_SERVICE:${PN} = "redis.service"
CVE_STATUS[CVE-2022-3734] = "not-applicable-platform: CVE only applies for Windows."
CVE_STATUS[CVE-2022-0543] = "not-applicable-platform: Debian-specific CVE"
CVE_STATUS[CVE-2025-21605] = "fixed-version: The backported fix by upstream is included in the used version"