diff options
author | Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | 2022-07-15 21:36:43 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2022-07-18 06:28:02 -1000 |
commit | 5cb48712e09ffb4198b36897495215e578f9fe62 (patch) | |
tree | 458515bf8e0ccf7030a3481e211768c4811d67ff | |
parent | bba069463ca3813666d084643b0239b9af0199e1 (diff) | |
download | openembedded-core-contrib-5cb48712e09ffb4198b36897495215e578f9fe62.tar.gz |
cve-extra-exclusions.inc: Use CVE_CHECK_WHITELIST
Use CVE_CHECK_WHITELIST as CVE_CHECK_IGNORE is not valid on dunfell
branch
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/conf/distro/include/cve-extra-exclusions.inc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index 70442df991..f3490db9dd 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc @@ -57,19 +57,19 @@ CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981" # There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html # qemu maintainers say the patch is incorrect and should not be applied # Ignore from OE's perspectivee as the issue is of low impact, at worst sitting in an infinite loop rather than exploitable -CVE_CHECK_IGNORE += "CVE-2021-20255" +CVE_CHECK_WHITELIST += "CVE-2021-20255" # qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 # There was a proposed patch but rejected by upstream qemu. It is unclear if the issue can # still be reproduced or where exactly any bug is. # Ignore from OE's perspective as we'll pick up any fix when upstream accepts one. -CVE_CHECK_IGNORE += "CVE-2019-12067" +CVE_CHECK_WHITELIST += "CVE-2019-12067" # nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974 # It is a fuzzing related buffer overflow. It is of low impact since most devices # wouldn't expose an assembler. The upstream is inactive and there is little to be # done about the bug, ignore from an OE perspective. -CVE_CHECK_IGNORE += "CVE-2020-18974" +CVE_CHECK_WHITELIST += "CVE-2020-18974" |