[Buildroot] [git commit branch/2020.11.x] package/wpa_supplicant: annotate CVE-2021-27803

Peter Korsgaard peter at korsgaard.com
Sat Apr 3 11:42:40 UTC 2021


commit: https://git.buildroot.net/buildroot/commit/?id=1d33edbf12e394f4662e213bb15a75e1e4b668ce
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.11.x

Add a WPA_SUPPLICANT_IGNORE_CVES entry for CVE-2021-27803 which was
fixed by commit 9ada4eb2f1c3d67ee49f6f5466738bcd821fc647, which we
have backported as
0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
(cherry picked from commit 1a7cf592a834357c5777e452f0b7ab7652e7d389)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 package/wpa_supplicant/wpa_supplicant.mk | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/package/wpa_supplicant/wpa_supplicant.mk b/package/wpa_supplicant/wpa_supplicant.mk
index 9f6f18382f..c4e98cf609 100644
--- a/package/wpa_supplicant/wpa_supplicant.mk
+++ b/package/wpa_supplicant/wpa_supplicant.mk
@@ -21,6 +21,9 @@ WPA_SUPPLICANT_LDFLAGS = $(TARGET_LDFLAGS)
 # 0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
 WPA_SUPPLICANT_IGNORE_CVES += CVE-2019-16275
 
+# 0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
+WPA_SUPPLICANT_IGNORE_CVES += CVE-2021-27803
+
 # install the wpa_client library
 WPA_SUPPLICANT_INSTALL_STAGING = YES
 


More information about the buildroot mailing list