diff options
Diffstat (limited to 'meta/conf/cve-check-map.conf')
| -rw-r--r-- | meta/conf/cve-check-map.conf | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/conf/cve-check-map.conf b/meta/conf/cve-check-map.conf index ac956379d1..fc49fe0a50 100644 --- a/meta/conf/cve-check-map.conf +++ b/meta/conf/cve-check-map.conf | |||
| @@ -28,8 +28,12 @@ CVE_CHECK_STATUSMAP[cpe-incorrect] = "Ignored" | |||
| 28 | CVE_CHECK_STATUSMAP[disputed] = "Ignored" | 28 | CVE_CHECK_STATUSMAP[disputed] = "Ignored" |
| 29 | # use when vulnerability depends on build or runtime configuration which is not used | 29 | # use when vulnerability depends on build or runtime configuration which is not used |
| 30 | CVE_CHECK_STATUSMAP[not-applicable-config] = "Ignored" | 30 | CVE_CHECK_STATUSMAP[not-applicable-config] = "Ignored" |
| 31 | CVE_CHECK_VEX_JUSTIFICATION[not-applicable-config] = "vulnerableCodeNotPresent" | ||
| 32 | |||
| 31 | # use when vulnerability affects other platform (e.g. Windows or Debian) | 33 | # use when vulnerability affects other platform (e.g. Windows or Debian) |
| 32 | CVE_CHECK_STATUSMAP[not-applicable-platform] = "Ignored" | 34 | CVE_CHECK_STATUSMAP[not-applicable-platform] = "Ignored" |
| 35 | CVE_CHECK_VEX_JUSTIFICATION[not-applicable-platform] = "vulnerableCodeNotPresent" | ||
| 36 | |||
| 33 | # use when upstream acknowledged the vulnerability but does not plan to fix it | 37 | # use when upstream acknowledged the vulnerability but does not plan to fix it |
| 34 | CVE_CHECK_STATUSMAP[upstream-wontfix] = "Ignored" | 38 | CVE_CHECK_STATUSMAP[upstream-wontfix] = "Ignored" |
| 35 | 39 | ||