From 13646f9380292409dc2953e64c71da11168e2d9d Mon Sep 17 00:00:00 2001
From: Davide Gardenal <davidegarde2000@gmail.com>
Date: Tue, 14 Nov 2023 18:06:54 +0100
Subject: openflow: ignore CVE-2018-1078

CVE-2018-1078 is not for openflow but in the NVD database the
CVE is for a specific implementation that we don't have so we
can ignore it.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
(cherry picked from commit c1e7b0b993c294d52737e8e631badb5aaaefd2e3)
Backported: Changed CVE_CHECK_IGNORE to CVE_CHECK_WHITELIST
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-networking/recipes-protocols/openflow/openflow.inc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta-networking/recipes-protocols/openflow/openflow.inc b/meta-networking/recipes-protocols/openflow/openflow.inc
index ab538c620e..c425b48e19 100644
--- a/meta-networking/recipes-protocols/openflow/openflow.inc
+++ b/meta-networking/recipes-protocols/openflow/openflow.inc
@@ -35,3 +35,7 @@ do_install_append() {
     # Remove /var/run as it is created on startup
     rm -rf ${D}${localstatedir}/run
 }
+
+# This CVE is not for this product but cve-check assumes it is
+# because two CPE collides when checking the NVD database
+CVE_CHECK_WHITELIST = "CVE-2018-1078"
-- 
cgit 1.2.3-korg