diff options
| author | Andrej Valek <andrej.valek@siemens.com> | 2023-07-26 11:50:09 +0200 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2023-07-27 08:54:40 -0700 |
| commit | 8af2f17a6fa8bf282c4c27054adbea1bf0873069 (patch) | |
| tree | 22b6484379a0f3d3e2b89f958dda0fd45f2a1880 /meta-networking/recipes-protocols/mdns | |
| parent | 4c201ede939610946847ccd4221320ed776224aa (diff) | |
| download | meta-openembedded-8af2f17a6fa8bf282c4c27054adbea1bf0873069.tar.gz | |
cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
version
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking/recipes-protocols/mdns')
| -rw-r--r-- | meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb b/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb index 46f1b70cb7..aff7954f50 100644 --- a/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb +++ b/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb | |||
| @@ -46,18 +46,16 @@ PACKAGECONFIG[tls] = ",tls=no,mbedtls" | |||
| 46 | 46 | ||
| 47 | CVE_PRODUCT = "apple:mdnsresponder" | 47 | CVE_PRODUCT = "apple:mdnsresponder" |
| 48 | 48 | ||
| 49 | # CVE-2007-0613 is not applicable as it only affects Apple products | 49 | CVE_STATUS[CVE-2007-0613] = "not-applicable-platform: Issue affects Apple products \ |
| 50 | # i.e. ichat,mdnsresponder, instant message framework and MacOS. | 50 | i.e. ichat,mdnsresponder, instant message framework and MacOS. Also, \ |
| 51 | # Also, https://www.exploit-db.com/exploits/3230 shows the part of code | 51 | https://www.exploit-db.com/exploits/3230 shows the part of code \ |
| 52 | # affected by CVE-2007-0613 which is not preset in upstream source code. | 52 | affected by CVE-2007-0613 which is not preset in upstream source code. \ |
| 53 | # Hence, CVE-2007-0613 does not affect other Yocto implementations and | 53 | Hence, CVE-2007-0613 does not affect other Yocto implementations and \ |
| 54 | # is not reported for other distros can be marked whitelisted. | 54 | is not reported for other distros can be marked whitelisted. \ |
| 55 | # Links: | 55 | Links: https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 \ |
| 56 | # https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 | 56 | https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613 \ |
| 57 | # https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613 | 57 | https://security-tracker.debian.org/tracker/CVE-2007-0613 \ |
| 58 | # https://security-tracker.debian.org/tracker/CVE-2007-0613 | 58 | https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613" |
| 59 | # https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 | ||
| 60 | CVE_CHECK_IGNORE += "CVE-2007-0613" | ||
| 61 | 59 | ||
| 62 | PARALLEL_MAKE = "" | 60 | PARALLEL_MAKE = "" |
| 63 | 61 | ||