gstreamer-plugins-good: ignore CVE-2021-3497/8 since they are fixed

CPE entries for gst-plugins-good are listed as gstreamer issues so we need to ignore the false hits for the two CVEs we've patched Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Steve Sakoman <steve@sakoman.com> 2021-07-14 12:14:20 -1000
committer: Steve Sakoman <steve@sakoman.com> 2021-07-14 12:27:38 -1000
commit: d853e2bde1ea083f8438e8d7a80f041196d2e38d (patch)
tree: c245caed347c116527e5f7d3810bbb14b57e41d6
parent: f32e90a7f8918aacda61ef6176eb1655742045b4 (diff)
download: openembedded-core-d853e2bde1ea083f8438e8d7a80f041196d2e38d.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb
index 1038cbf224..e8830103ce 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb
@@ -15,6 +15,11 @@ SRC_URI = " \
 SRC_URI[md5sum] = "c79b6c2f8eaadb2bb66615b694db399e"
 SRC_URI[sha256sum] = "d3a23a3fe73de673f591b7655494990c9e8a0e22a3c70d6f1dbf50198b29f85f"
 
+# CPE entries for gst-plugins-good are listed as gstreamer issues
+# so we need to ignore the false hit
+CVE_CHECK_WHITELIST += "CVE-2021-3497"
+CVE_CHECK_WHITELIST += "CVE-2021-3498"
+
 S = "${WORKDIR}/gst-plugins-good-${PV}"
 
 LICENSE = "GPLv2+ & LGPLv2.1+"
author	Steve Sakoman <steve@sakoman.com>	2021-07-14 12:14:20 -1000
committer	Steve Sakoman <steve@sakoman.com>	2021-07-14 12:27:38 -1000
commit	d853e2bde1ea083f8438e8d7a80f041196d2e38d (patch)
tree	c245caed347c116527e5f7d3810bbb14b57e41d6
parent	f32e90a7f8918aacda61ef6176eb1655742045b4 (diff)
download	openembedded-core-d853e2bde1ea083f8438e8d7a80f041196d2e38d.tar.gz