cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

- Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version (From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Reviewed-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Andrej Valek <andrej.valek@siemens.com> 2023-07-20 09:19:50 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-07-21 11:52:26 +0100
commit: c15e506a4674e558922c5a75512ca2b5c296cd44 (patch)
tree: a0cc1ebf9daca61304185ed901596e31f4029658 /meta/recipes-connectivity/openssl
parent: 7e18a90d35a62cd6894385a9dab549a594d5f11e (diff)
download: poky-c15e506a4674e558922c5a75512ca2b5c296cd44.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_3.1.1.bb b/meta/recipes-connectivity/openssl/openssl_3.1.1.bb
index 432ab4032b..c2a7173c84 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.1.1.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.1.1.bb
@@ -255,6 +255,5 @@ CVE_PRODUCT = "openssl:openssl"
 CVE_VERSION_SUFFIX = "alphabetical"
-# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
 # Apache in meta-webserver is already recent enough
-CVE_CHECK_IGNORE += "CVE-2019-0190"
+CVE_STATUS[CVE-2019-0190] = "not-applicable-config: Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37"
author	Andrej Valek <andrej.valek@siemens.com>	2023-07-20 09:19:50 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-07-21 11:52:26 +0100
commit	c15e506a4674e558922c5a75512ca2b5c296cd44 (patch)
tree	a0cc1ebf9daca61304185ed901596e31f4029658 /meta/recipes-connectivity/openssl
parent	7e18a90d35a62cd6894385a9dab549a594d5f11e (diff)
download	poky-c15e506a4674e558922c5a75512ca2b5c296cd44.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl_3.1.1.bb b/meta/recipes-connectivity/openssl/openssl_3.1.1.bb index 432ab4032b..c2a7173c84 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.1.1.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.1.1.bb
@@ -255,6 +255,5 @@ CVE_PRODUCT = "openssl:openssl"
255		255
256	CVE_VERSION_SUFFIX = "alphabetical"	256	CVE_VERSION_SUFFIX = "alphabetical"
257		257
258	# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
259	# Apache in meta-webserver is already recent enough	258	# Apache in meta-webserver is already recent enough
260	CVE_CHECK_IGNORE += "CVE-2019-0190"	259	CVE_STATUS[CVE-2019-0190] = "not-applicable-config: Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37"