cve-extra-exclusions.inc: Clean up merged CPE updates

(From OE-Core rev: d2ba6d58e77430cceeca9db61fdb06882a92e1e7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-20 18:44:24 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-21 15:18:23 +0100
commit: ba333719d6cd81d18278e93535caa33562a07d8a (patch)
tree: 7d9c570d3c3c5083a29c2dce10adab15da0d9090 /meta/conf/distro
parent: 8b9bd2629502888c9381d9e358ceb6b5e99cdeca (diff)
download: poky-ba333719d6cd81d18278e93535caa33562a07d8a.tar.gz
1 files changed, 0 insertions, 15 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index b2816c3dd5..cf07acce1d 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -53,21 +53,6 @@ CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
 # so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
 #CVE_CHECK_WHITELIST += "CVE-2000-0803"
-# grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14865
-# Looks like grub-set-bootflag is patched in by Fedora/RHEL:
-# https://src.fedoraproject.org/rpms/grub2/blob/498ea7003b4dd8079fc075fad7e19e0b190d0f97/f/0133-Add-grub-set-bootflag-utility.patch
-# Does not exist in upstream grub2:
-# https://git.savannah.gnu.org/cgit/grub.git/tree/util
-# Reported to the database for update by RP 2021/5/9 Update accepted 2021/5/12
-#CVE_CHECK_WHITELIST += "CVE-2019-14865"
-# tar https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4476 *
-# https://bugzilla.redhat.com/show_bug.cgi?id=280961 - issue affects paxutils included in tar
-# http://cvs.savannah.gnu.org/viewvc/paxutils/paxutils/paxlib/names.c?r1=1.2&r2=1.4 was the fix
-# included in tar 1.19 and later
-# CPE update sent, may or may not exclude for us
-#CVE_CHECK_WHITELIST += "CVE-2007-4476"
 #### Upstream still working on ####
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-20 18:44:24 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-21 15:18:23 +0100
commit	ba333719d6cd81d18278e93535caa33562a07d8a (patch)
tree	7d9c570d3c3c5083a29c2dce10adab15da0d9090 /meta/conf/distro
parent	8b9bd2629502888c9381d9e358ceb6b5e99cdeca (diff)
download	poky-ba333719d6cd81d18278e93535caa33562a07d8a.tar.gz

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index b2816c3dd5..cf07acce1d 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -53,21 +53,6 @@ CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
53	# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.	53	# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
54	#CVE_CHECK_WHITELIST += "CVE-2000-0803"	54	#CVE_CHECK_WHITELIST += "CVE-2000-0803"
55		55
56	# grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14865
57	# Looks like grub-set-bootflag is patched in by Fedora/RHEL:
58	# https://src.fedoraproject.org/rpms/grub2/blob/498ea7003b4dd8079fc075fad7e19e0b190d0f97/f/0133-Add-grub-set-bootflag-utility.patch
59	# Does not exist in upstream grub2:
60	# https://git.savannah.gnu.org/cgit/grub.git/tree/util
61	# Reported to the database for update by RP 2021/5/9 Update accepted 2021/5/12
62	#CVE_CHECK_WHITELIST += "CVE-2019-14865"
63
64	# tar https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4476 *
65	# https://bugzilla.redhat.com/show_bug.cgi?id=280961 - issue affects paxutils included in tar
66	# http://cvs.savannah.gnu.org/viewvc/paxutils/paxutils/paxlib/names.c?r1=1.2&r2=1.4 was the fix
67	# included in tar 1.19 and later
68	# CPE update sent, may or may not exclude for us
69	#CVE_CHECK_WHITELIST += "CVE-2007-4476"
70
71		56
72		57
73	#### Upstream still working on ####	58	#### Upstream still working on ####