diff options
Diffstat (limited to 'meta-oe')
21 files changed, 29 insertions, 66 deletions
diff --git a/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb b/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb index 550fbc30d..0ce58b13c 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb | |||
@@ -50,11 +50,8 @@ SRC_URI:append:toolchain-clang = "\ | |||
50 | 50 | ||
51 | S = "${WORKDIR}/git" | 51 | S = "${WORKDIR}/git" |
52 | 52 | ||
53 | CVE_CHECK_IGNORE += "\ | 53 | CVE_STATUS[CVE-2014-8180] = "not-applicable-config: Not affecting our configuration so it can be safely ignored." |
54 | CVE-2014-8180 \ | 54 | CVE_STATUS[CVE-2017-2665] = "not-applicable-config: Not affecting our configuration so it can be safely ignored." |
55 | CVE-2017-18381 \ | ||
56 | CVE-2017-2665 \ | ||
57 | " | ||
58 | 55 | ||
59 | COMPATIBLE_HOST ?= '(x86_64|i.86|powerpc64|arm|aarch64).*-linux' | 56 | COMPATIBLE_HOST ?= '(x86_64|i.86|powerpc64|arm|aarch64).*-linux' |
60 | 57 | ||
diff --git a/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb b/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb index 50096cfdb..fec05571d 100644 --- a/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb +++ b/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb | |||
@@ -9,9 +9,7 @@ DEPENDS = "zlib libsigc++-2.0 openssl cppunit" | |||
9 | SRC_URI = "git://github.com/rakshasa/libtorrent;branch=master;protocol=https" | 9 | SRC_URI = "git://github.com/rakshasa/libtorrent;branch=master;protocol=https" |
10 | SRCREV = "e60f222241319aaae482789517ad00ae9344bd13" | 10 | SRCREV = "e60f222241319aaae482789517ad00ae9344bd13" |
11 | 11 | ||
12 | CVE_CHECK_IGNORE += "\ | 12 | CVE_STATUS[CVE-2009-1760] = "backported-patch: patched in our product" |
13 | CVE-2009-1760 \ | ||
14 | " | ||
15 | 13 | ||
16 | PV = "0.13.8+git${SRCPV}" | 14 | PV = "0.13.8+git${SRCPV}" |
17 | 15 | ||
diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index 05fa0c334..03c895f66 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb | |||
@@ -25,11 +25,9 @@ do_install() { | |||
25 | 25 | ||
26 | RRECOMMENDS:${PN} += "kernel-module-emlog" | 26 | RRECOMMENDS:${PN} += "kernel-module-emlog" |
27 | 27 | ||
28 | # The NVD database doesn't have a CPE for this product, | 28 | CVE_STATUS_GROUPS += "CVE_STATUS_EMLOG" |
29 | # the name of this product is exactly the same as github.com/emlog/emlog | 29 | CVE_STATUS_EMLOG[status] = "fixed-version: The name of this product is exactly the same as github.com/emlog/emlog. CVE can be safely ignored." |
30 | # but it's not related in any way. The following CVEs are from that project | 30 | CVE_STATUS_EMLOG = " \ |
31 | # so they can be safely ignored | ||
32 | CVE_CHECK_IGNORE += "\ | ||
33 | CVE-2019-16868 \ | 31 | CVE-2019-16868 \ |
34 | CVE-2019-17073 \ | 32 | CVE-2019-17073 \ |
35 | CVE-2021-44584 \ | 33 | CVE-2021-44584 \ |
diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_15.3.bb b/meta-oe/recipes-dbs/postgresql/postgresql_15.3.bb index c4d4124f9..e1d49895f 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_15.3.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_15.3.bb | |||
@@ -13,6 +13,4 @@ SRC_URI += "\ | |||
13 | 13 | ||
14 | SRC_URI[sha256sum] = "ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932" | 14 | SRC_URI[sha256sum] = "ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932" |
15 | 15 | ||
16 | CVE_CHECK_IGNORE += "\ | 16 | CVE_STATUS[CVE-2017-8806] = "not-applicable-config: Ddoesn't apply to out configuration of postgresql so we can safely ignore it." |
17 | CVE-2017-8806 \ | ||
18 | " | ||
diff --git a/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb b/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb index 657391636..183554e2c 100644 --- a/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb +++ b/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb | |||
@@ -15,8 +15,6 @@ RDEPENDS:${PN}-dev += "${PN}-compiler" | |||
15 | 15 | ||
16 | S = "${WORKDIR}/git" | 16 | S = "${WORKDIR}/git" |
17 | 17 | ||
18 | CVE_CHECK_IGNORE += "CVE-2020-35864" | ||
19 | |||
20 | EXTRA_OECMAKE += " \ | 18 | EXTRA_OECMAKE += " \ |
21 | -DFLATBUFFERS_BUILD_TESTS=OFF \ | 19 | -DFLATBUFFERS_BUILD_TESTS=OFF \ |
22 | -DFLATBUFFERS_BUILD_SHAREDLIB=ON \ | 20 | -DFLATBUFFERS_BUILD_SHAREDLIB=ON \ |
diff --git a/meta-oe/recipes-devtools/php/php_8.2.8.bb b/meta-oe/recipes-devtools/php/php_8.2.8.bb index 08d041d77..407b1a7bc 100644 --- a/meta-oe/recipes-devtools/php/php_8.2.8.bb +++ b/meta-oe/recipes-devtools/php/php_8.2.8.bb | |||
@@ -36,7 +36,9 @@ SRC_URI:append:class-target = " \ | |||
36 | S = "${WORKDIR}/php-${PV}" | 36 | S = "${WORKDIR}/php-${PV}" |
37 | SRC_URI[sha256sum] = "995ed4009c7917c962d31837a1a3658f36d4af4f357b673c97ffdbe6403f8517" | 37 | SRC_URI[sha256sum] = "995ed4009c7917c962d31837a1a3658f36d4af4f357b673c97ffdbe6403f8517" |
38 | 38 | ||
39 | CVE_CHECK_IGNORE += "\ | 39 | CVE_STATUS_GROUPS += "CVE_STATUS_PHP" |
40 | CVE_STATUS_PHP[status] = "fixed-version: The name of this product is exactly the same as github.com/emlog/emlog. CVE can be safely ignored." | ||
41 | CVE_STATUS_PHP = " \ | ||
40 | CVE-2007-2728 \ | 42 | CVE-2007-2728 \ |
41 | CVE-2007-3205 \ | 43 | CVE-2007-3205 \ |
42 | CVE-2007-4596 \ | 44 | CVE-2007-4596 \ |
diff --git a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb index ea76d4870..dcb59f4ea 100644 --- a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb +++ b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb | |||
@@ -22,9 +22,7 @@ SRC_URI[sha256sum] = "53e15a2b5c1bc80161d42e9f69792a3fa18332b7b771910131004eb520 | |||
22 | 22 | ||
23 | S = "${WORKDIR}/imap-${PV}" | 23 | S = "${WORKDIR}/imap-${PV}" |
24 | 24 | ||
25 | CVE_CHECK_IGNORE += "\ | 25 | CVE_STATUS[CVE-2005-0198] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
26 | CVE-2005-0198 \ | ||
27 | " | ||
28 | 26 | ||
29 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" | 27 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" |
30 | PACKAGECONFIG[pam] = ",,libpam" | 28 | PACKAGECONFIG[pam] = ",,libpam" |
diff --git a/meta-oe/recipes-extended/libimobiledevice/libplist_2.3.0.bb b/meta-oe/recipes-extended/libimobiledevice/libplist_2.3.0.bb index 1a74dc88f..f636990f8 100644 --- a/meta-oe/recipes-extended/libimobiledevice/libplist_2.3.0.bb +++ b/meta-oe/recipes-extended/libimobiledevice/libplist_2.3.0.bb | |||
@@ -14,7 +14,9 @@ SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https;branch=mast | |||
14 | S = "${WORKDIR}/git" | 14 | S = "${WORKDIR}/git" |
15 | PR = "r1" | 15 | PR = "r1" |
16 | 16 | ||
17 | CVE_CHECK_IGNORE += "\ | 17 | CVE_STATUS_GROUPS += "CVE_STATUS_LIBLIST" |
18 | CVE_STATUS_LIBLIST[status] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." | ||
19 | CVE_STATUS_LIBLIST = " \ | ||
18 | CVE-2017-5834 \ | 20 | CVE-2017-5834 \ |
19 | CVE-2017-5835 \ | 21 | CVE-2017-5835 \ |
20 | CVE-2017-5836 \ | 22 | CVE-2017-5836 \ |
diff --git a/meta-oe/recipes-extended/libimobiledevice/libplist_git.bb b/meta-oe/recipes-extended/libimobiledevice/libplist_git.bb index db092600b..3a10b40f1 100644 --- a/meta-oe/recipes-extended/libimobiledevice/libplist_git.bb +++ b/meta-oe/recipes-extended/libimobiledevice/libplist_git.bb | |||
@@ -15,7 +15,9 @@ SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https;branch=mast | |||
15 | 15 | ||
16 | S = "${WORKDIR}/git" | 16 | S = "${WORKDIR}/git" |
17 | 17 | ||
18 | CVE_CHECK_IGNORE += "\ | 18 | CVE_STATUS_GROUPS += "CVE_STATUS_LIBLIST" |
19 | CVE_STATUS_LIBLIST[status] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." | ||
20 | CVE_STATUS_LIBLIST = " \ | ||
19 | CVE-2017-5834 \ | 21 | CVE-2017-5834 \ |
20 | CVE-2017-5835 \ | 22 | CVE-2017-5835 \ |
21 | CVE-2017-5836 \ | 23 | CVE-2017-5836 \ |
diff --git a/meta-oe/recipes-extended/libzip/libzip_1.10.0.bb b/meta-oe/recipes-extended/libzip/libzip_1.10.0.bb index e8aa7fdc0..b500f26e2 100644 --- a/meta-oe/recipes-extended/libzip/libzip_1.10.0.bb +++ b/meta-oe/recipes-extended/libzip/libzip_1.10.0.bb | |||
@@ -23,7 +23,4 @@ SRC_URI = "https://libzip.org/download/libzip-${PV}.tar.xz" | |||
23 | 23 | ||
24 | SRC_URI[sha256sum] = "cd2a7ac9f1fb5bfa6218272d9929955dc7237515bba6e14b5ad0e1d1e2212b43" | 24 | SRC_URI[sha256sum] = "cd2a7ac9f1fb5bfa6218272d9929955dc7237515bba6e14b5ad0e1d1e2212b43" |
25 | 25 | ||
26 | # Patch for CVE-2017-12858 is applied in version 1.2.0. | ||
27 | CVE_CHECK_IGNORE += "CVE-2017-12858" | ||
28 | |||
29 | BBCLASSEXTEND += "native" | 26 | BBCLASSEXTEND += "native" |
diff --git a/meta-oe/recipes-extended/sanlock/sanlock_3.8.5.bb b/meta-oe/recipes-extended/sanlock/sanlock_3.8.5.bb index c2a17d06b..962d19574 100644 --- a/meta-oe/recipes-extended/sanlock/sanlock_3.8.5.bb +++ b/meta-oe/recipes-extended/sanlock/sanlock_3.8.5.bb | |||
@@ -21,9 +21,7 @@ SRCREV = "b820c63093c4ae85d7da4f719cf3026d7fca5d09" | |||
21 | 21 | ||
22 | S = "${WORKDIR}/git" | 22 | S = "${WORKDIR}/git" |
23 | 23 | ||
24 | CVE_CHECK_IGNORE += "\ | 24 | CVE_STATUS[CVE-2012-5638] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
25 | CVE-2012-5638 \ | ||
26 | " | ||
27 | 25 | ||
28 | DEPENDS = "libaio util-linux" | 26 | DEPENDS = "libaio util-linux" |
29 | 27 | ||
diff --git a/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb b/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb index a52f3641d..2a7cf2285 100644 --- a/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb +++ b/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb | |||
@@ -34,9 +34,7 @@ SRC_URI = "http://downloads.sourceforge.net/sblim/${BP}.tar.bz2 \ | |||
34 | SRC_URI[md5sum] = "28021cdabc73690a94f4f9d57254ce30" | 34 | SRC_URI[md5sum] = "28021cdabc73690a94f4f9d57254ce30" |
35 | SRC_URI[sha256sum] = "634a67b2f7ac3b386a79160eb44413d618e33e4e7fc74ae68b0240484af149dd" | 35 | SRC_URI[sha256sum] = "634a67b2f7ac3b386a79160eb44413d618e33e4e7fc74ae68b0240484af149dd" |
36 | 36 | ||
37 | CVE_CHECK_IGNORE += "\ | 37 | CVE_STATUS[CVE-2012-3381] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
38 | CVE-2012-3381 \ | ||
39 | " | ||
40 | 38 | ||
41 | inherit autotools | 39 | inherit autotools |
42 | inherit systemd | 40 | inherit systemd |
diff --git a/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb b/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb index 7ab15c971..ccc114007 100644 --- a/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb +++ b/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb | |||
@@ -29,10 +29,6 @@ SRC_URI:append:class-nativesdk = "\ | |||
29 | " | 29 | " |
30 | SRC_URI[sha256sum] = "d593695fdaa8a19297523b679ad13d3ef2027b0b7f14cc2bc23e77969ed81565" | 30 | SRC_URI[sha256sum] = "d593695fdaa8a19297523b679ad13d3ef2027b0b7f14cc2bc23e77969ed81565" |
31 | 31 | ||
32 | CVE_CHECK_IGNORE += "\ | ||
33 | CVE-2014-9157 \ | ||
34 | " | ||
35 | |||
36 | PACKAGECONFIG ??= "librsvg" | 32 | PACKAGECONFIG ??= "librsvg" |
37 | PACKAGECONFIG[librsvg] = "--with-librsvg,--without-librsvg,librsvg" | 33 | PACKAGECONFIG[librsvg] = "--with-librsvg,--without-librsvg,librsvg" |
38 | 34 | ||
diff --git a/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb b/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb index 27dff82df..85da5bfb4 100644 --- a/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb +++ b/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb | |||
@@ -6,9 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a80440d1d8f17d041c71c7271d6e06eb" | |||
6 | SRC_URI = "git://github.com/jasper-software/jasper.git;protocol=https;branch=master" | 6 | SRC_URI = "git://github.com/jasper-software/jasper.git;protocol=https;branch=master" |
7 | SRCREV = "fe00207dc10db1d7cc6f2757961c5c6bdfd10973" | 7 | SRCREV = "fe00207dc10db1d7cc6f2757961c5c6bdfd10973" |
8 | 8 | ||
9 | CVE_CHECK_IGNORE += "\ | 9 | CVE_STATUS[CVE-2015-8751] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
10 | CVE-2015-8751 \ | ||
11 | " | ||
12 | 10 | ||
13 | S = "${WORKDIR}/git" | 11 | S = "${WORKDIR}/git" |
14 | 12 | ||
diff --git a/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb b/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb index 50c501574..814e6cd0d 100644 --- a/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb +++ b/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb | |||
@@ -81,5 +81,4 @@ do_configure:prepend() { | |||
81 | 81 | ||
82 | BBCLASSEXTEND = "native nativesdk" | 82 | BBCLASSEXTEND = "native nativesdk" |
83 | 83 | ||
84 | #CVE-2019-14906 is a RHEL specific vulnerability. | 84 | CVE_STATUS[CVE-2019-14906] = "not-applicable-platform: Applies on RHEL only" |
85 | CVE_CHECK_IGNORE += "CVE-2019-14906" | ||
diff --git a/meta-oe/recipes-networking/cyrus-sasl/cyrus-sasl_2.1.28.bb b/meta-oe/recipes-networking/cyrus-sasl/cyrus-sasl_2.1.28.bb index 3277fb109..11b53e7b6 100644 --- a/meta-oe/recipes-networking/cyrus-sasl/cyrus-sasl_2.1.28.bb +++ b/meta-oe/recipes-networking/cyrus-sasl/cyrus-sasl_2.1.28.bb | |||
@@ -95,6 +95,3 @@ FILES:${PN}-dbg += "${libdir}/sasl2/.debug" | |||
95 | FILES:${PN}-staticdev += "${libdir}/sasl2/*.a" | 95 | FILES:${PN}-staticdev += "${libdir}/sasl2/*.a" |
96 | 96 | ||
97 | INSANE_SKIP:${PN} += "dev-so" | 97 | INSANE_SKIP:${PN} += "dev-so" |
98 | |||
99 | # CVE-2020-8032 affects only openSUSE | ||
100 | CVE_CHECK_IGNORE += "CVE-2020-8032" | ||
diff --git a/meta-oe/recipes-support/atop/atop_2.4.0.bb b/meta-oe/recipes-support/atop/atop_2.4.0.bb index b1d2abde7..bb1f53624 100644 --- a/meta-oe/recipes-support/atop/atop_2.4.0.bb +++ b/meta-oe/recipes-support/atop/atop_2.4.0.bb | |||
@@ -24,9 +24,7 @@ SRC_URI = "http://www.atoptool.nl/download/${BP}.tar.gz \ | |||
24 | SRC_URI[md5sum] = "1077da884ed94f2bc3c81ac3ab970436" | 24 | SRC_URI[md5sum] = "1077da884ed94f2bc3c81ac3ab970436" |
25 | SRC_URI[sha256sum] = "be1c010a77086b7d98376fce96514afcd73c3f20a8d1fe01520899ff69a73d69" | 25 | SRC_URI[sha256sum] = "be1c010a77086b7d98376fce96514afcd73c3f20a8d1fe01520899ff69a73d69" |
26 | 26 | ||
27 | CVE_CHECK_IGNORE += "\ | 27 | CVE_STATUS[CVE-2011-3618] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
28 | CVE-2011-3618 \ | ||
29 | " | ||
30 | 28 | ||
31 | do_compile() { | 29 | do_compile() { |
32 | oe_runmake all | 30 | oe_runmake all |
diff --git a/meta-oe/recipes-support/emacs/emacs_28.2.bb b/meta-oe/recipes-support/emacs/emacs_28.2.bb index df210ef5e..137c29bee 100644 --- a/meta-oe/recipes-support/emacs/emacs_28.2.bb +++ b/meta-oe/recipes-support/emacs/emacs_28.2.bb | |||
@@ -11,9 +11,7 @@ SRC_URI:append:class-target = " file://usemake-docfile-native.patch" | |||
11 | 11 | ||
12 | SRC_URI[sha256sum] = "ee21182233ef3232dc97b486af2d86e14042dbb65bbc535df562c3a858232488" | 12 | SRC_URI[sha256sum] = "ee21182233ef3232dc97b486af2d86e14042dbb65bbc535df562c3a858232488" |
13 | 13 | ||
14 | CVE_CHECK_IGNORE = "\ | 14 | CVE_CHECK_STATUS[CVE-2007-6109] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
15 | CVE-2007-6109 \ | ||
16 | " | ||
17 | 15 | ||
18 | PACKAGECONFIG[gnutls] = "--with-gnutls=yes,--with-gnutls=no,gnutls" | 16 | PACKAGECONFIG[gnutls] = "--with-gnutls=yes,--with-gnutls=no,gnutls" |
19 | PACKAGECONFIG[kerberos] = "--with-kerberos=yes,--with-kerberos=no,krb5" | 17 | PACKAGECONFIG[kerberos] = "--with-kerberos=yes,--with-kerberos=no,krb5" |
diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb index 38407a7c4..ea5abe07f 100644 --- a/meta-oe/recipes-support/nss/nss_3.74.bb +++ b/meta-oe/recipes-support/nss/nss_3.74.bb | |||
@@ -283,12 +283,8 @@ BBCLASSEXTEND = "native nativesdk" | |||
283 | 283 | ||
284 | CVE_PRODUCT += "network_security_services" | 284 | CVE_PRODUCT += "network_security_services" |
285 | 285 | ||
286 | # CVE-2006-5201 affects only Sun Solaris | 286 | CVE_STATUS_GROUPS += "CVE_STATUS_NSS" |
287 | CVE_CHECK_IGNORE += "CVE-2006-5201" | 287 | CVE_STATUS_NSS[status] = "not-applicable-config: This only affect the legacy db (libnssdbm), only compiled with --enable-legacy-db" |
288 | CVE_STATUS_NSS = "CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698" | ||
288 | 289 | ||
289 | # CVES CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698 only affect | 290 | CVE_STATUS[CVE-2022-3479] = "not-applicable-config: vulnerability was introduced in 3.77 and fixed in 3.87" |
290 | # the legacy db (libnssdbm), only compiled with --enable-legacy-db. | ||
291 | CVE_CHECK_IGNORE += "CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698" | ||
292 | |||
293 | # vulnerability was introduced in 3.77 and fixed in 3.87 | ||
294 | CVE_CHECK_IGNORE += "CVE-2022-3479" | ||
diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.13.bb b/meta-oe/recipes-support/openldap/openldap_2.5.13.bb index b117677f9..7dc926c61 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.5.13.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.5.13.bb | |||
@@ -233,6 +233,3 @@ python populate_packages:prepend () { | |||
233 | } | 233 | } |
234 | 234 | ||
235 | BBCLASSEXTEND = "native" | 235 | BBCLASSEXTEND = "native" |
236 | |||
237 | # CVE-2015-3276 has no target code. | ||
238 | CVE_CHECK_IGNORE += "CVE-2015-3276" | ||
diff --git a/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb b/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb index 3d8a45786..3a0cc0229 100644 --- a/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb +++ b/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb | |||
@@ -15,10 +15,8 @@ SRC_URI = "\ | |||
15 | 15 | ||
16 | SRC_URI[sha256sum] = "19654ad276b149646371fbdac21bc7620742f2975f7399fed0ffc1a18fbaf603" | 16 | SRC_URI[sha256sum] = "19654ad276b149646371fbdac21bc7620742f2975f7399fed0ffc1a18fbaf603" |
17 | 17 | ||
18 | CVE_CHECK_IGNORE += "\ | 18 | CVE_CHECK_STATUS[CVE-2010-1624] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
19 | CVE-2010-1624 \ | 19 | CVE_CHECK_STATUS[CVE-2011-3594] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions." |
20 | CVE-2011-3594 \ | ||
21 | " | ||
22 | 20 | ||
23 | PACKAGECONFIG ??= "gnutls consoleui avahi dbus idn nss \ | 21 | PACKAGECONFIG ??= "gnutls consoleui avahi dbus idn nss \ |
24 | ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtk startup-notification', '', d)} \ | 22 | ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtk startup-notification', '', d)} \ |