[Buildroot] [PATCH 2/5] package/libsndfile: annotate _IGNORE_CVES for the included security patches
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Wed Feb 19 21:44:52 UTC 2020
On Wed, 19 Feb 2020 22:37:04 +0100
Peter Korsgaard <peter at korsgaard.com> wrote:
> > What does "disputed" means in this context ?
>
> That someone related to the project claims that it isn't a security
> issue or cannot reproduce the issue.
>
> Specifically for this CVE, see the discussion here:
>
> https://github.com/erikd/libsndfile/issues/398
That's the kind of thing I assumed, but perhaps we need to add at least
this link next to the IGNORE_CVES line ?
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list