meta/scripts: Automated conversion of OE renamed variables

(From OE-Core rev: aa52af4518604b5bf13f3c5e885113bf868d6c81) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-02-16 20:33:47 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-02-21 23:37:27 +0000
commit: 71ef3191938da772b07274165dd3a85c2ed011f1 (patch)
tree: fd830ada451fec669352cb0dfc1bb316ea9cefd8 /meta/conf
parent: 5a3d6c7bda0f158473c82d1c38ae2df26192dccb (diff)
download: poky-71ef3191938da772b07274165dd3a85c2ed011f1.tar.gz
1 files changed, 6 insertions, 6 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index e02a4d1fde..85b40207bf 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -19,7 +19,7 @@
 # strace https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006
 # CVE is more than 20 years old with no resolution evident
 # broken links in CVE database references make resolution impractical
-CVE_CHECK_WHITELIST += "CVE-2000-0006"
+CVE_CHECK_IGNORE += "CVE-2000-0006"
 # epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238
 # The issue here is spoofing of domain names using characters from other character sets.
@@ -28,26 +28,26 @@ CVE_CHECK_WHITELIST += "CVE-2000-0006"
 # there is unlikely ever to be a single fix to webkit or epiphany which addresses this
 # problem. Whitelisted as there isn't any mitigation or fix or way to progress this further
 # we can seem to take.
-CVE_CHECK_WHITELIST += "CVE-2005-0238"
+CVE_CHECK_IGNORE += "CVE-2005-0238"
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4756
 # Issue is memory exhaustion via glob() calls, e.g. from within an ftp server
 # Best discussion in https://bugzilla.redhat.com/show_bug.cgi?id=681681
 # Upstream don't see it as a security issue, ftp servers shouldn't be passing
 # this to libc glob. Exclude as upstream have no plans to add BSD's GLOB_LIMIT or similar
-CVE_CHECK_WHITELIST += "CVE-2010-4756"
+CVE_CHECK_IGNORE += "CVE-2010-4756"
 # go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29509
 # go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29511
 # The encoding/xml package in go can potentially be used for security exploits if not used correctly
 # CVE applies to a netapp product as well as flagging a general issue. We don't ship anything
 # exposing this interface in an exploitable way
-CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
+CVE_CHECK_IGNORE += "CVE-2020-29509 CVE-2020-29511"
 # db
 # Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with
 # supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed.
-CVE_CHECK_WHITELIST += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \
+CVE_CHECK_IGNORE += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \
 CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \
 CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \
 CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \
@@ -58,7 +58,7 @@ CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981"
 # groff:groff-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0803
 # Appears it was fixed in https://git.savannah.gnu.org/cgit/groff.git/commit/?id=07f95f1674217275ed4612f1dcaa95a88435c6a7
 # so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
-#CVE_CHECK_WHITELIST += "CVE-2000-0803"
+#CVE_CHECK_IGNORE += "CVE-2000-0803"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-16 20:33:47 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-21 23:37:27 +0000
commit	71ef3191938da772b07274165dd3a85c2ed011f1 (patch)
tree	fd830ada451fec669352cb0dfc1bb316ea9cefd8 /meta/conf
parent	5a3d6c7bda0f158473c82d1c38ae2df26192dccb (diff)
download	poky-71ef3191938da772b07274165dd3a85c2ed011f1.tar.gz

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index e02a4d1fde..85b40207bf 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -19,7 +19,7 @@
19	# strace https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006	19	# strace https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006
20	# CVE is more than 20 years old with no resolution evident	20	# CVE is more than 20 years old with no resolution evident
21	# broken links in CVE database references make resolution impractical	21	# broken links in CVE database references make resolution impractical
22	CVE_CHECK_WHITELIST += "CVE-2000-0006"	22	CVE_CHECK_IGNORE += "CVE-2000-0006"
23		23
24	# epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238	24	# epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238
25	# The issue here is spoofing of domain names using characters from other character sets.	25	# The issue here is spoofing of domain names using characters from other character sets.
@@ -28,26 +28,26 @@ CVE_CHECK_WHITELIST += "CVE-2000-0006"
28	# there is unlikely ever to be a single fix to webkit or epiphany which addresses this	28	# there is unlikely ever to be a single fix to webkit or epiphany which addresses this
29	# problem. Whitelisted as there isn't any mitigation or fix or way to progress this further	29	# problem. Whitelisted as there isn't any mitigation or fix or way to progress this further
30	# we can seem to take.	30	# we can seem to take.
31	CVE_CHECK_WHITELIST += "CVE-2005-0238"	31	CVE_CHECK_IGNORE += "CVE-2005-0238"
32		32
33	# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4756	33	# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4756
34	# Issue is memory exhaustion via glob() calls, e.g. from within an ftp server	34	# Issue is memory exhaustion via glob() calls, e.g. from within an ftp server
35	# Best discussion in https://bugzilla.redhat.com/show_bug.cgi?id=681681	35	# Best discussion in https://bugzilla.redhat.com/show_bug.cgi?id=681681
36	# Upstream don't see it as a security issue, ftp servers shouldn't be passing	36	# Upstream don't see it as a security issue, ftp servers shouldn't be passing
37	# this to libc glob. Exclude as upstream have no plans to add BSD's GLOB_LIMIT or similar	37	# this to libc glob. Exclude as upstream have no plans to add BSD's GLOB_LIMIT or similar
38	CVE_CHECK_WHITELIST += "CVE-2010-4756"	38	CVE_CHECK_IGNORE += "CVE-2010-4756"
39		39
40	# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29509	40	# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29509
41	# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29511	41	# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29511
42	# The encoding/xml package in go can potentially be used for security exploits if not used correctly	42	# The encoding/xml package in go can potentially be used for security exploits if not used correctly
43	# CVE applies to a netapp product as well as flagging a general issue. We don't ship anything	43	# CVE applies to a netapp product as well as flagging a general issue. We don't ship anything
44	# exposing this interface in an exploitable way	44	# exposing this interface in an exploitable way
45	CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"	45	CVE_CHECK_IGNORE += "CVE-2020-29509 CVE-2020-29511"
46		46
47	# db	47	# db
48	# Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with	48	# Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with
49	# supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed.	49	# supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed.
50	CVE_CHECK_WHITELIST += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \	50	CVE_CHECK_IGNORE += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \
51	CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \	51	CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \
52	CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \	52	CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \
53	CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \	53	CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \
@@ -58,7 +58,7 @@ CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981"
58	# groff:groff-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0803	58	# groff:groff-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0803
59	# Appears it was fixed in https://git.savannah.gnu.org/cgit/groff.git/commit/?id=07f95f1674217275ed4612f1dcaa95a88435c6a7	59	# Appears it was fixed in https://git.savannah.gnu.org/cgit/groff.git/commit/?id=07f95f1674217275ed4612f1dcaa95a88435c6a7
60	# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.	60	# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
61	#CVE_CHECK_WHITELIST += "CVE-2000-0803"	61	#CVE_CHECK_IGNORE += "CVE-2000-0803"
62		62
63		63
64		64