cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

- Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Andrej Valek <andrej.valek@siemens.com> 2023-07-26 11:50:09 +0200
committer: Khem Raj <raj.khem@gmail.com> 2023-07-27 08:54:40 -0700
commit: 8af2f17a6fa8bf282c4c27054adbea1bf0873069 (patch)
tree: 22b6484379a0f3d3e2b89f958dda0fd45f2a1880 /meta-oe/recipes-devtools
parent: 4c201ede939610946847ccd4221320ed776224aa (diff)
download: meta-openembedded-8af2f17a6fa8bf282c4c27054adbea1bf0873069.tar.gz
3 files changed, 4 insertions, 6 deletions
diff --git a/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb b/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb
index 657391636..183554e2c 100644
--- a/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb
+++ b/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb
@@ -15,8 +15,6 @@ RDEPENDS:${PN}-dev += "${PN}-compiler"
 S = "${WORKDIR}/git"
-CVE_CHECK_IGNORE += "CVE-2020-35864"
 EXTRA_OECMAKE += " \
    -DFLATBUFFERS_BUILD_TESTS=OFF \    
    -DFLATBUFFERS_BUILD_SHAREDLIB=ON \
diff --git a/meta-oe/recipes-devtools/php/php_8.2.8.bb b/meta-oe/recipes-devtools/php/php_8.2.8.bb
index 08d041d77..407b1a7bc 100644
--- a/meta-oe/recipes-devtools/php/php_8.2.8.bb
+++ b/meta-oe/recipes-devtools/php/php_8.2.8.bb
@@ -36,7 +36,9 @@ SRC_URI:append:class-target = " \
 S = "${WORKDIR}/php-${PV}"
 SRC_URI[sha256sum] = "995ed4009c7917c962d31837a1a3658f36d4af4f357b673c97ffdbe6403f8517"
-CVE_CHECK_IGNORE += "\
+CVE_STATUS_GROUPS += "CVE_STATUS_PHP"
+CVE_STATUS_PHP[status] = "fixed-version: The name of this product is exactly the same as github.com/emlog/emlog. CVE can be safely ignored."
+CVE_STATUS_PHP = " \
    CVE-2007-2728 \
    CVE-2007-3205 \
    CVE-2007-4596 \
diff --git a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb
index ea76d4870..dcb59f4ea 100644
--- a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb
+++ b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb
@@ -22,9 +22,7 @@ SRC_URI[sha256sum] = "53e15a2b5c1bc80161d42e9f69792a3fa18332b7b771910131004eb520
 S = "${WORKDIR}/imap-${PV}"
-CVE_CHECK_IGNORE += "\
+CVE_STATUS[CVE-2005-0198] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
-    CVE-2005-0198 \
-"
 PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}"
 PACKAGECONFIG[pam] = ",,libpam"
author	Andrej Valek <andrej.valek@siemens.com>	2023-07-26 11:50:09 +0200
committer	Khem Raj <raj.khem@gmail.com>	2023-07-27 08:54:40 -0700
commit	8af2f17a6fa8bf282c4c27054adbea1bf0873069 (patch)
tree	22b6484379a0f3d3e2b89f958dda0fd45f2a1880 /meta-oe/recipes-devtools
parent	4c201ede939610946847ccd4221320ed776224aa (diff)
download	meta-openembedded-8af2f17a6fa8bf282c4c27054adbea1bf0873069.tar.gz