diff options
author | Yoann Congal <yoann.congal@smile.fr> | 2023-11-14 11:23:50 +0100 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-11-14 19:04:09 -0500 |
commit | 1d7090422c8847e603ef146a7aa76db6fbc08e4d (patch) | |
tree | 7fb8c6701f93c9fab385b8abf78136ce8c4e2c00 | |
parent | 2541f5967df049149be14e498cda2150fb0a2ffd (diff) | |
download | meta-openembedded-contrib-1d7090422c8847e603ef146a7aa76db6fbc08e4d.tar.gz |
emlog: ignore inapplicable CVEs
The CVEs:
* CVE-2019-16868
* CVE-2019-17073
* CVE-2021-44584
* CVE-2022-1526
* CVE-2022-3968
* CVE-2023-43291
... apply to the other "emlog" and can be safely ignored.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-core/emlog/emlog_git.bb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index 387dd67123..a503ab82b8 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb @@ -24,3 +24,16 @@ do_install() { } RRECOMMENDS_${PN} += "kernel-module-emlog" + +# The NVD database doesn't have a CPE for this product, +# the name of this product is exactly the same as github.com/emlog/emlog +# but it's not related in any way. The following CVEs are from that project +# so they can be safely ignored +CVE_CHECK_WHITELIST += "\ + CVE-2019-16868 \ + CVE-2019-17073 \ + CVE-2021-44584 \ + CVE-2022-1526 \ + CVE-2022-3968 \ + CVE-2023-43291 \ +" |