diff options
author | Simone Weiß <simone.p.weiss@posteo.com> | 2024-02-23 21:31:01 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-02-24 16:10:23 +0000 |
commit | 5e21c5d64eaf2a7bd8b7cc74e3ee9671cd6df35e (patch) | |
tree | c856a01a0de9dac8b1b55fa398cea31e1f71dfd0 | |
parent | e8ea8695e12daddd3f973a23fa804c2a818b3c6d (diff) | |
download | poky-5e21c5d64eaf2a7bd8b7cc74e3ee9671cd6df35e.tar.gz |
meta: Remove some not needed CVE_STATUS
CVE_STATUS was set for those components, but meanwhile databases are updated
with corrected information, so setting the CVE_STATUS is not needed anymore.
(From OE-Core rev: 5ec6057cfa66ceeb33bec013e320f8e3fa7d7ecf)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.2.1.bb | 2 | ||||
-rw-r--r-- | meta/recipes-devtools/qemu/qemu.inc | 2 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/shadow_4.14.2.bb | 1 | ||||
-rw-r--r-- | meta/recipes-multimedia/libpng/libpng_1.6.41.bb | 2 | ||||
-rw-r--r-- | meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb | 3 | ||||
-rw-r--r-- | meta/recipes-support/sqlite/sqlite3_3.45.1.bb | 2 |
6 files changed, 0 insertions, 12 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb b/meta/recipes-connectivity/openssl/openssl_3.2.1.bb index 549fa4cd94..d3bf6248e3 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.2.1.bb | |||
@@ -257,5 +257,3 @@ CVE_PRODUCT = "openssl:openssl" | |||
257 | 257 | ||
258 | CVE_VERSION_SUFFIX = "alphabetical" | 258 | CVE_VERSION_SUFFIX = "alphabetical" |
259 | 259 | ||
260 | # Apache in meta-webserver is already recent enough | ||
261 | CVE_STATUS[CVE-2019-0190] = "not-applicable-config: Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37" | ||
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index d16d5e76c8..a403f7d69f 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc | |||
@@ -54,8 +54,6 @@ SRC_URI:append:class-native = " \ | |||
54 | 54 | ||
55 | SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be" | 55 | SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be" |
56 | 56 | ||
57 | CVE_STATUS[CVE-2017-5957] = "cpe-incorrect: Applies against virglrender < 0.6.0 and not qemu itself" | ||
58 | |||
59 | CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default." | 57 | CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default." |
60 | 58 | ||
61 | # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 | 59 | # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 |
diff --git a/meta/recipes-extended/shadow/shadow_4.14.2.bb b/meta/recipes-extended/shadow/shadow_4.14.2.bb index 4e55446312..e57676c1da 100644 --- a/meta/recipes-extended/shadow/shadow_4.14.2.bb +++ b/meta/recipes-extended/shadow/shadow_4.14.2.bb | |||
@@ -8,4 +8,3 @@ BBCLASSEXTEND = "native nativesdk" | |||
8 | 8 | ||
9 | # https://bugzilla.redhat.com/show_bug.cgi?id=884658 | 9 | # https://bugzilla.redhat.com/show_bug.cgi?id=884658 |
10 | CVE_STATUS[CVE-2013-4235] = "upstream-wontfix: Severity is low and marked as closed and won't fix." | 10 | CVE_STATUS[CVE-2013-4235] = "upstream-wontfix: Severity is low and marked as closed and won't fix." |
11 | CVE_STATUS[CVE-2016-15024] = "cpe-incorrect: This is an issue for a different shadow" | ||
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.41.bb b/meta/recipes-multimedia/libpng/libpng_1.6.41.bb index 59d3db8efd..8c7529be9b 100644 --- a/meta/recipes-multimedia/libpng/libpng_1.6.41.bb +++ b/meta/recipes-multimedia/libpng/libpng_1.6.41.bb | |||
@@ -31,5 +31,3 @@ PACKAGES =+ "${PN}-tools" | |||
31 | FILES:${PN}-tools = "${bindir}/png-fix-itxt ${bindir}/pngfix ${bindir}/pngcp" | 31 | FILES:${PN}-tools = "${bindir}/png-fix-itxt ${bindir}/pngfix ${bindir}/pngcp" |
32 | 32 | ||
33 | BBCLASSEXTEND = "native nativesdk" | 33 | BBCLASSEXTEND = "native nativesdk" |
34 | |||
35 | CVE_STATUS[CVE-2019-17371] = "cpe-incorrect: A memory leak in gif2png 2.x" | ||
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb index 1c4f4d6038..5a76201ab5 100644 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb | |||
@@ -29,9 +29,6 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \ | |||
29 | " | 29 | " |
30 | SRC_URI[sha256sum] = "8b0870897ac5ac67ded568dcfadf45969cfa8a6beb0fd60af2a9eadc2a3272aa" | 30 | SRC_URI[sha256sum] = "8b0870897ac5ac67ded568dcfadf45969cfa8a6beb0fd60af2a9eadc2a3272aa" |
31 | 31 | ||
32 | CVE_STATUS[CVE-2018-12433] = "disputed: CVE is disputed and not affecting crypto libraries for any distro." | ||
33 | CVE_STATUS[CVE-2018-12438] = "disputed: CVE is disputed and not affecting crypto libraries for any distro." | ||
34 | |||
35 | BINCONFIG = "${bindir}/libgcrypt-config" | 32 | BINCONFIG = "${bindir}/libgcrypt-config" |
36 | 33 | ||
37 | inherit autotools texinfo binconfig-disabled pkgconfig ptest | 34 | inherit autotools texinfo binconfig-disabled pkgconfig ptest |
diff --git a/meta/recipes-support/sqlite/sqlite3_3.45.1.bb b/meta/recipes-support/sqlite/sqlite3_3.45.1.bb index 2ca8bc5bc9..50612feb25 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.45.1.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.45.1.bb | |||
@@ -6,5 +6,3 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0 | |||
6 | SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz" | 6 | SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz" |
7 | SRC_URI[sha256sum] = "cd9c27841b7a5932c9897651e20b86c701dd740556989b01ca596fcfa3d49a0a" | 7 | SRC_URI[sha256sum] = "cd9c27841b7a5932c9897651e20b86c701dd740556989b01ca596fcfa3d49a0a" |
8 | 8 | ||
9 | CVE_STATUS[CVE-2023-36191] = "disputed: The error is a bug. It has been fixed upstream. But it is not a vulnerability" | ||
10 | |||