diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-12-09 16:39:53 +0100 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2025-12-10 08:56:12 -0800 |
| commit | b990486203b8eca688cfb6fc9bebf8b138e0b334 (patch) | |
| tree | b0e74894ee77570cf8277ef2388d5937e09a90ae | |
| parent | 9f12c5fbc63143c33d6c68139cccac770817b4eb (diff) | |
| download | meta-openembedded-b990486203b8eca688cfb6fc9bebf8b138e0b334.tar.gz | |
fex: ignore unrelated CVEs
These CVEs were filed for "Fram's Fast File Exchange" application, which
has the same abbreviated name as fex. Currently this recipe has no historical
CVEs associated, so I couldn't set the correct CVE_PRODUCT. Rather ignore
these irrelevant CVEs explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-oe/recipes-devtools/fex/fex_2511.bb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/fex/fex_2511.bb b/meta-oe/recipes-devtools/fex/fex_2511.bb index 9c0748ac63..88dd48f953 100644 --- a/meta-oe/recipes-devtools/fex/fex_2511.bb +++ b/meta-oe/recipes-devtools/fex/fex_2511.bb | |||
| @@ -54,3 +54,9 @@ LDFLAGS += "-fuse-ld=lld" | |||
| 54 | 54 | ||
| 55 | FILES:${PN} += "${datadir} ${libdir}/binfmt.d ${libdir}/libFEXCore.so" | 55 | FILES:${PN} += "${datadir} ${libdir}/binfmt.d ${libdir}/libFEXCore.so" |
| 56 | FILES:${PN}-dev = "${includedir}" | 56 | FILES:${PN}-dev = "${includedir}" |
| 57 | |||
| 58 | # At the time of writing this, this recipe has no historical CVEs associated, and couldn't | ||
| 59 | # find a CPE to set. So ignore these unrelated vulnerabilities. | ||
| 60 | CVE_STATUS_GROUPS = "CVE_STATUS_WRONG_CPE" | ||
| 61 | CVE_STATUS_WRONG_CPE[status] = "cpe-incorrect: These vulnerabilities are for unrelated Fram's Fast File-EXchange application" | ||
| 62 | CVE_STATUS_WRONG_CPE = "CVE-2012-0869 CVE-2012-1293 CVE-2014-3875 CVE-2014-3876 CVE-2014-3877" | ||