diff options
author | Ross Burton <ross.burton@arm.com> | 2023-06-12 14:10:31 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-06-13 22:16:31 +0100 |
commit | d9cf8973d01b74aa2680dba5ac46c5cea3d1a6d0 (patch) | |
tree | f4afa887a0452bffcaa6b31baa900b80c839c0d1 | |
parent | 52edee5ad3709e68156d8ed2b6aa4b7e4ca7259c (diff) | |
download | poky-d9cf8973d01b74aa2680dba5ac46c5cea3d1a6d0.tar.gz |
cve-extra-exclusions: remove 2019 blanket ignores
Remove the blanket ignore and handle the CVEs individually.
CVE-2019-14899 is related to network interface configuration across
multiple operating systems, so leave this as unresolved.
-3016, -3819 and -3887 are pending CPE updates, so ignore them.
The others have accurate CPE information now so are handled correctly.
(From OE-Core rev: e46bd62a278ec0bb9da995cab9350f1c363131d1)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/conf/distro/include/cve-extra-exclusions.inc | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index 41d751a7ae..f42253bff6 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc | |||
@@ -74,8 +74,19 @@ CVE_CHECK_IGNORE += "CVE-2011-0640 CVE-2014-2648 CVE-2014-8171 CVE-2016-0774 CVE | |||
74 | # 2018 | 74 | # 2018 |
75 | CVE_CHECK_IGNORE += "CVE-2018-1000026 CVE-2018-10840 CVE-2018-10876 CVE-2018-10882 CVE-2018-10901 CVE-2018-10902 \ | 75 | CVE_CHECK_IGNORE += "CVE-2018-1000026 CVE-2018-10840 CVE-2018-10876 CVE-2018-10882 CVE-2018-10901 CVE-2018-10902 \ |
76 | CVE-2018-14625 CVE-2018-16880 CVE-2018-16884 CVE-2018-5873 CVE-2018-6559" | 76 | CVE-2018-14625 CVE-2018-16880 CVE-2018-16884 CVE-2018-5873 CVE-2018-6559" |
77 | # 2019 | 77 | |
78 | CVE_CHECK_IGNORE += "CVE-2019-10126 CVE-2019-14899 CVE-2019-18910 CVE-2019-3016 CVE-2019-3819 CVE-2019-3846 CVE-2019-3887" | 78 | # https://www.linuxkernelcves.com/cves/CVE-2019-3016 |
79 | # Fixed with 5.6 | ||
80 | CVE_CHECK_IGNORE += "CVE-2019-3016" | ||
81 | |||
82 | # https://www.linuxkernelcves.com/cves/CVE-2019-3819 | ||
83 | # Fixed with 5.1 | ||
84 | CVE_CHECK_IGNORE += "CVE-2019-3819" | ||
85 | |||
86 | # https://www.linuxkernelcves.com/cves/CVE-2019-3887 | ||
87 | # Fixed with 5.2 | ||
88 | CVE_CHECK_IGNORE += "CVE-2019-3887" | ||
89 | |||
79 | # 2020 | 90 | # 2020 |
80 | CVE_CHECK_IGNORE += "CVE-2020-10732 CVE-2020-10742 CVE-2020-16119 CVE-2020-1749 CVE-2020-25672 CVE-2020-27820 CVE-2020-35501 CVE-2020-8834" | 91 | CVE_CHECK_IGNORE += "CVE-2020-10732 CVE-2020-10742 CVE-2020-16119 CVE-2020-1749 CVE-2020-25672 CVE-2020-27820 CVE-2020-35501 CVE-2020-8834" |
81 | 92 | ||