[Buildroot] [PATCH 1/1] package/dovecot: ignore CVE-2016-4983
Fabrice Fontaine
fontaine.fabrice at gmail.com
Sat Jul 17 21:24:39 UTC 2021
CVE-2016-4983 is an issue in a postinstall script in the dovecot rpm,
which is part of the Red Hat packaging and not part of upstream dovecot
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
package/dovecot/dovecot.mk | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/package/dovecot/dovecot.mk b/package/dovecot/dovecot.mk
index 93d04fc8a1..cb1cc990a1 100644
--- a/package/dovecot/dovecot.mk
+++ b/package/dovecot/dovecot.mk
@@ -18,6 +18,10 @@ DOVECOT_DEPENDENCIES = \
# add host-gettext for AM_ICONV macro
DOVECOT_DEPENDENCIES += host-gettext
+# CVE-2016-4983 is an issue in a postinstall script in the dovecot rpm, which
+# is part of the Red Hat packaging and not part of upstream dovecot
+DOVECOT_IGNORE_CVES += CVE-2016-4983
+
DOVECOT_CONF_ENV = \
RPCGEN=__disable_RPCGEN_rquota \
i_cv_epoll_works=yes \
--
2.30.2
More information about the buildroot
mailing list