* [Buildroot] [PATCH] package/fail2ban: drop CVE-2021-32749 from IGNORE_CVES
@ 2023-09-21 3:58 Daniel Lang
2023-09-21 10:30 ` Thomas Petazzoni via buildroot
2023-09-25 11:56 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Daniel Lang @ 2023-09-21 3:58 UTC (permalink / raw)
To: buildroot; +Cc: Angelo Compagnucci
CVE-2021-32749 affects fail2ban <= 0.9.7, 0.10.0 through 0.10.6, and
0.11.0 through 0.11.2.
The mentioned patch was removed in 76853089 when bumping to 1.0.1.
Signed-off-by: Daniel Lang <dalang@gmx.at>
---
package/fail2ban/fail2ban.mk | 3 ---
1 file changed, 3 deletions(-)
diff --git a/package/fail2ban/fail2ban.mk b/package/fail2ban/fail2ban.mk
index 828dfdd6e1..0c1208c6fe 100644
--- a/package/fail2ban/fail2ban.mk
+++ b/package/fail2ban/fail2ban.mk
@@ -12,9 +12,6 @@ FAIL2BAN_CPE_ID_VENDOR = fail2ban
FAIL2BAN_SELINUX_MODULES = fail2ban
FAIL2BAN_SETUP_TYPE = setuptools
-# 0001-fixed-possible-RCE-vulnerability-unset-escape-variable.patch
-FAIL2BAN_IGNORE_CVES += CVE-2021-32749
-
define FAIL2BAN_PYTHON_2TO3
$(HOST_DIR)/bin/2to3 --write --nobackups --no-diffs $(@D)/bin/* $(@D)/fail2ban
endef
--
2.42.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH] package/fail2ban: drop CVE-2021-32749 from IGNORE_CVES
2023-09-21 3:58 [Buildroot] [PATCH] package/fail2ban: drop CVE-2021-32749 from IGNORE_CVES Daniel Lang
@ 2023-09-21 10:30 ` Thomas Petazzoni via buildroot
2023-09-25 11:56 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-09-21 10:30 UTC (permalink / raw)
To: Daniel Lang; +Cc: Angelo Compagnucci, buildroot
On Thu, 21 Sep 2023 05:58:27 +0200
Daniel Lang <dalang@gmx.at> wrote:
> CVE-2021-32749 affects fail2ban <= 0.9.7, 0.10.0 through 0.10.6, and
> 0.11.0 through 0.11.2.
> The mentioned patch was removed in 76853089 when bumping to 1.0.1.
>
> Signed-off-by: Daniel Lang <dalang@gmx.at>
> ---
> package/fail2ban/fail2ban.mk | 3 ---
> 1 file changed, 3 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH] package/fail2ban: drop CVE-2021-32749 from IGNORE_CVES
2023-09-21 3:58 [Buildroot] [PATCH] package/fail2ban: drop CVE-2021-32749 from IGNORE_CVES Daniel Lang
2023-09-21 10:30 ` Thomas Petazzoni via buildroot
@ 2023-09-25 11:56 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2023-09-25 11:56 UTC (permalink / raw)
To: Daniel Lang; +Cc: Angelo Compagnucci, buildroot
>>>>> "Daniel" == Daniel Lang <dalang@gmx.at> writes:
> CVE-2021-32749 affects fail2ban <= 0.9.7, 0.10.0 through 0.10.6, and
> 0.11.0 through 0.11.2.
> The mentioned patch was removed in 76853089 when bumping to 1.0.1.
> Signed-off-by: Daniel Lang <dalang@gmx.at>
Committed to 2023.02.x, 2023.05.x and 2023.08.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-09-25 11:56 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-21 3:58 [Buildroot] [PATCH] package/fail2ban: drop CVE-2021-32749 from IGNORE_CVES Daniel Lang
2023-09-21 10:30 ` Thomas Petazzoni via buildroot
2023-09-25 11:56 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox