summaryrefslogtreecommitdiffstats
path: root/recipes-core
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2024-02-24 12:39:42 +0100
committerTim Orling <tim.orling@konsulko.com>2024-02-26 15:27:08 -0800
commit8dfbceca18476ca89aef1902d398d51da9ea2f66 (patch)
treebf860273ba748bc0f32ce944b19a03156693423e /recipes-core
parent42f0f528d2468681930abceb0aa2ecf1bd6405df (diff)
downloadmeta-java-8dfbceca18476ca89aef1902d398d51da9ea2f66.tar.gz
jsch,xerces-j: fix CVE_STATUSnanbield
Last commit tried to convert CVE_CHECK_IGNORE to CVE_STATUS, however it was done in wrong way and caused the CVEs to be reported as open again. This fixes CVE_STATUS syntax. Signed-off-by: Peter Marko <peter.marko@siemens.com>
Diffstat (limited to 'recipes-core')
-rw-r--r--recipes-core/jcraft/jsch_0.1.40.bb3
-rw-r--r--recipes-core/xerces-j/xerces-j_2.11.0.bb2
2 files changed, 2 insertions, 3 deletions
diff --git a/recipes-core/jcraft/jsch_0.1.40.bb b/recipes-core/jcraft/jsch_0.1.40.bb
index 8ef5c85..aeb04b4 100644
--- a/recipes-core/jcraft/jsch_0.1.40.bb
+++ b/recipes-core/jcraft/jsch_0.1.40.bb
@@ -25,8 +25,7 @@ do_compile() {
25SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566" 25SRC_URI[md5sum] = "b59cec19a487e95aed68378976b4b566"
26SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097" 26SRC_URI[sha256sum] = "ca9d2ae08fd7a8983fb00d04f0f0c216a985218a5eb364ff9bee73870f28e097"
27 27
28# Ignore the CVE because it only affects Windows platforms 28CVE_STATUS[CVE-2016-5725] = "not-applicable-platform: Issue only applies on Windows"
29CVE_STATUS += "CVE-2016-5725"
30 29
31BBCLASSEXTEND = "native" 30BBCLASSEXTEND = "native"
32 31
diff --git a/recipes-core/xerces-j/xerces-j_2.11.0.bb b/recipes-core/xerces-j/xerces-j_2.11.0.bb
index c7a54ab..45d3c43 100644
--- a/recipes-core/xerces-j/xerces-j_2.11.0.bb
+++ b/recipes-core/xerces-j/xerces-j_2.11.0.bb
@@ -18,7 +18,7 @@ SRC_URI = "http://archive.apache.org/dist/xerces/j/source/Xerces-J-src.${PV}.tar
18# Already fixed with updates and closed. 18# Already fixed with updates and closed.
19# https://access.redhat.com/security/cve/CVE-2018-2799 19# https://access.redhat.com/security/cve/CVE-2018-2799
20# https://bugzilla.redhat.com/show_bug.cgi?id=1567542 20# https://bugzilla.redhat.com/show_bug.cgi?id=1567542
21CVE_STATUS += "CVE-2018-2799" 21CVE_STATUS[CVE-2018-2799] = "not-applicable-platform: Issue only applies on some Oracle Java SE and Red Hat Enterprise Linux versions"
22 22
23S = "${WORKDIR}/xerces-2_11_0" 23S = "${WORKDIR}/xerces-2_11_0"
24 24