From 0474fd940ecd2c1d3157eff9507a60e717afca86 Mon Sep 17 00:00:00 2001
From: Yogesh Tyagi <yogesh.tyagi@intel.com>
Date: Tue, 13 Sep 2022 10:55:55 +0800
Subject: dpdk-module/21.11: ignore CVE-2021-3839 and CVE-2022-0669

These are fixed in 21.11.1 but the CPE data in NVD is incomplete.

Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 recipes-extended/dpdk/dpdk-module_21.11.2.bb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/recipes-extended/dpdk/dpdk-module_21.11.2.bb b/recipes-extended/dpdk/dpdk-module_21.11.2.bb
index d7ce6a0..307ff40 100644
--- a/recipes-extended/dpdk/dpdk-module_21.11.2.bb
+++ b/recipes-extended/dpdk/dpdk-module_21.11.2.bb
@@ -47,3 +47,12 @@ do_install() {
                O=${STAGING_KERNEL_BUILDDIR} \
                ${MODULES_INSTALL_TARGET}
 }
+
+# CVE-2021-3839 has been fixed by commit 4c40d30d2b in 21.11.1
+# NVD database is incomplete
+# CVE-2022-0669 has been fixed by commit 6cb68162e4 in 21.11.1
+# NVD database is incomplete
+CVE_CHECK_IGNORE += "\
+    CVE-2021-3839 \
+    CVE-2022-0669 \
+"
-- 
cgit v1.2.3-54-g00ecf