[Buildroot] [PATCH 2/5] package/libsndfile: annotate _IGNORE_CVES for the included security patches
Peter Korsgaard
peter at korsgaard.com
Wed Feb 19 21:37:04 UTC 2020
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni at bootlin.com> writes:
> On Wed, 19 Feb 2020 17:01:59 +0100
> Peter Korsgaard <peter at korsgaard.com> wrote:
>> Also mark CVE-2018-13419 as disputed.
>>
>> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> What does "disputed" means in this context ?
That someone related to the project claims that it isn't a security
issue or cannot reproduce the issue.
Specifically for this CVE, see the discussion here:
https://github.com/erikd/libsndfile/issues/398
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list