Files
Ankur Tyagi 1c65291a77 ndpi: ignore CVE-2025-25066
Details https://nvd.nist.gov/vuln/detail/CVE-2025-25066

CVE was fixed by [1] but the change [2] which introduced CVE was not present this version (4.2).

$ git tag --no-contains b9348e9 | grep 4.2
4.2

[1] https://github.com/ntop/nDPI/commit/678697b5eb6c3caa5dd5f8cccfe9eed8d13b94bb
[2] https://github.com/ntop/nDPI/commit/b9348e9d6e0e754c4b17661c643ca258f1540ca1

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 14:43:36 +08:00

31 lines
843 B
BlitzBasic

SUMMARY = "A library for deep-packet inspection."
DESCRIPTION = "nDPI is an open source LGPLv3 library for deep-packet \
inspection. Based on OpenDPI it includes ntop extensions"
SECTION = "libdevel"
DEPENDS = "libpcap json-c"
RDEPENDS:${PN} += " libpcap"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=b52f2d57d10c4f7ee67a7eb9615d5d24"
SRCREV = "8b5c6af71b562549f8416b31803daae223e09f46"
SRC_URI = "git://github.com/ntop/nDPI.git;branch=4.2-stable;protocol=https \
file://0001-autogen.sh-not-generate-configure.patch \
"
S = "${WORKDIR}/git"
inherit autotools-brokensep pkgconfig
CPPFLAGS += "${SELECTED_OPTIMIZATION}"
do_configure:prepend() {
${S}/autogen.sh
}
EXTRA_OEMAKE = " \
libdir=${libdir} \
"
CVE_STATUS[CVE-2025-25066] = "cpe-incorrect: Current version (4.2) is not affected."