From dd25c788894b190f6ba034a4faf47cb4ffef07de Mon Sep 17 00:00:00 2001
From: Davide Gardenal <davidegarde2000@gmail.com>
Date: Wed, 6 Jul 2022 11:42:07 +0200
Subject: spice: ignore patched CVEs

The following CVEs are already patched so we can ignore them:
- CVE-2016-0749
- CVE-2016-2150
- CVE-2018-10893

This is caused by inaccurate CPE in the NVD database.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-networking/recipes-support/spice/spice_git.bb | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'meta-networking')

diff --git a/meta-networking/recipes-support/spice/spice_git.bb b/meta-networking/recipes-support/spice/spice_git.bb
index d9083bcbe8..1887a5582f 100644
--- a/meta-networking/recipes-support/spice/spice_git.bb
+++ b/meta-networking/recipes-support/spice/spice_git.bb
@@ -30,6 +30,12 @@ SRC_URI = " \
 
 S = "${WORKDIR}/git"
 
+CVE_CHECK_IGNORE += "\
+    CVE-2016-0749 \
+    CVE-2016-2150 \
+    CVE-2018-10893 \
+"
+
 inherit autotools gettext python3native python3-dir pkgconfig
 
 DEPENDS += "spice-protocol jpeg pixman alsa-lib glib-2.0 python3-pyparsing-native python3-six-native glib-2.0-native"
-- 
cgit 1.2.3-korg