diff options
| author | Het Patel <hetpat@cisco.com> | 2024-08-08 22:57:00 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-08-09 22:33:38 +0100 |
| commit | 791a279af0659d8bffe711283f67b5274c46bd75 (patch) | |
| tree | fc366a5c867ea876c7924ca701d8b8ba51268d82 /meta/recipes-core/zlib/zlib_1.3.1.bb | |
| parent | 4ffee489c6dea3e6867b46b685335fc1271eec98 (diff) | |
| download | poky-791a279af0659d8bffe711283f67b5274c46bd75.tar.gz | |
zlib: Add CVE_PRODUCT to exclude false positives
To avoid false positives (such as CVE-2023-6992, cloudflare:zlib), add a
CVE_PRODUCT to identify the vendors that have been used.
Removing the present existing CVE_STATUS for CVE-2023-6992.
(From OE-Core rev: 119b775b36dfd51286493763cffb6e965893b8fd)
Signed-off-by: Het Patel <hetpat@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/zlib/zlib_1.3.1.bb')
| -rw-r--r-- | meta/recipes-core/zlib/zlib_1.3.1.bb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-core/zlib/zlib_1.3.1.bb b/meta/recipes-core/zlib/zlib_1.3.1.bb index e6a81ef789..486431dfff 100644 --- a/meta/recipes-core/zlib/zlib_1.3.1.bb +++ b/meta/recipes-core/zlib/zlib_1.3.1.bb | |||
| @@ -47,4 +47,6 @@ do_install_ptest() { | |||
| 47 | BBCLASSEXTEND = "native nativesdk" | 47 | BBCLASSEXTEND = "native nativesdk" |
| 48 | 48 | ||
| 49 | CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip" | 49 | CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip" |
| 50 | CVE_STATUS[CVE-2023-6992] = "cpe-incorrect: this CVE is for cloudflare zlib" | 50 | |
| 51 | # Adding 'CVE_PRODUCT' to avoid false detection of CVEs | ||
| 52 | CVE_PRODUCT = "zlib:zlib gnu:zlib" | ||