[OE-core] [PATCH] bind: Whitelist CVE-2019-6470
Ross Burton
ross.burton at intel.com
Thu Nov 14 13:16:44 UTC 2019
On 14/11/2019 12:51, Adrian Bunk wrote:
> On Thu, Nov 14, 2019 at 12:04:40PM +0000, Ross Burton wrote:
>> On 13/11/2019 08:19, Adrian Bunk wrote:
>>> +# Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later
>>> +CVE_CHECK_WHITELIST += "CVE-2019-6470"
>>
>> Can you be a bit more explicit about why this is whitelisted?
>
> Something like
> BIND >= 9.11.2 need dhcpd >= 4.4.1, don't report it here since
> dhcpd is already recent enough.
Right.
Ross
More information about the Openembedded-core
mailing list