cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

- Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version (From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Reviewed-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Andrej Valek <andrej.valek@siemens.com> 2023-07-20 09:19:50 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-07-21 11:52:26 +0100
commit: c15e506a4674e558922c5a75512ca2b5c296cd44 (patch)
tree: a0cc1ebf9daca61304185ed901596e31f4029658 /meta/recipes-extended/shadow
parent: 7e18a90d35a62cd6894385a9dab549a594d5f11e (diff)
download: poky-c15e506a4674e558922c5a75512ca2b5c296cd44.tar.gz
1 files changed, 2 insertions, 5 deletions
diff --git a/meta/recipes-extended/shadow/shadow_4.13.bb b/meta/recipes-extended/shadow/shadow_4.13.bb
index d1a3fd5593..4e55446312 100644
--- a/meta/recipes-extended/shadow/shadow_4.13.bb
+++ b/meta/recipes-extended/shadow/shadow_4.13.bb
@@ -6,9 +6,6 @@ BUILD_LDFLAGS:append:class-target = " ${@bb.utils.contains('DISTRO_FEATURES', 'p
 BBCLASSEXTEND = "native nativesdk"
-# Severity is low and marked as closed and won't fix.
 # https://bugzilla.redhat.com/show_bug.cgi?id=884658
-CVE_CHECK_IGNORE += "CVE-2013-4235"
+CVE_STATUS[CVE-2013-4235] = "upstream-wontfix: Severity is low and marked as closed and won't fix."
+CVE_STATUS[CVE-2016-15024] = "cpe-incorrect: This is an issue for a different shadow"
-# This is an issue for a different shadow
-CVE_CHECK_IGNORE += "CVE-2016-15024"
author	Andrej Valek <andrej.valek@siemens.com>	2023-07-20 09:19:50 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-07-21 11:52:26 +0100
commit	c15e506a4674e558922c5a75512ca2b5c296cd44 (patch)
tree	a0cc1ebf9daca61304185ed901596e31f4029658 /meta/recipes-extended/shadow
parent	7e18a90d35a62cd6894385a9dab549a594d5f11e (diff)
download	poky-c15e506a4674e558922c5a75512ca2b5c296cd44.tar.gz

diff --git a/meta/recipes-extended/shadow/shadow_4.13.bb b/meta/recipes-extended/shadow/shadow_4.13.bb index d1a3fd5593..4e55446312 100644 --- a/meta/recipes-extended/shadow/shadow_4.13.bb +++ b/meta/recipes-extended/shadow/shadow_4.13.bb
@@ -6,9 +6,6 @@ BUILD_LDFLAGS:append:class-target = " ${@bb.utils.contains('DISTRO_FEATURES', 'p
6		6
7	BBCLASSEXTEND = "native nativesdk"	7	BBCLASSEXTEND = "native nativesdk"
8		8
9	# Severity is low and marked as closed and won't fix.
10	# https://bugzilla.redhat.com/show_bug.cgi?id=884658	9	# https://bugzilla.redhat.com/show_bug.cgi?id=884658
11	CVE_CHECK_IGNORE += "CVE-2013-4235"	10	CVE_STATUS[CVE-2013-4235] = "upstream-wontfix: Severity is low and marked as closed and won't fix."
12		11	CVE_STATUS[CVE-2016-15024] = "cpe-incorrect: This is an issue for a different shadow"
13	# This is an issue for a different shadow
14	CVE_CHECK_IGNORE += "CVE-2016-15024"