diff options
author | Yoann Congal <yoann.congal@smile.fr> | 2023-11-14 11:23:50 +0100 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-12-17 15:36:41 -0500 |
commit | b9c0cacc11ce8e6252b89614beb8d45e56591052 (patch) | |
tree | 7fb8c6701f93c9fab385b8abf78136ce8c4e2c00 | |
parent | 77a7a2881d246b2f9f8f8dc1b5fe71eae821f652 (diff) | |
download | meta-openembedded-contrib-b9c0cacc11ce8e6252b89614beb8d45e56591052.tar.gz |
emlog: ignore inapplicable CVEs
The CVEs:
* CVE-2019-16868
* CVE-2019-17073
* CVE-2021-44584
* CVE-2022-1526
* CVE-2022-3968
* CVE-2023-43291
... apply to the other "emlog" and can be safely ignored.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-core/emlog/emlog_git.bb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index 387dd67123..a503ab82b8 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb @@ -24,3 +24,16 @@ do_install() { } RRECOMMENDS_${PN} += "kernel-module-emlog" + +# The NVD database doesn't have a CPE for this product, +# the name of this product is exactly the same as github.com/emlog/emlog +# but it's not related in any way. The following CVEs are from that project +# so they can be safely ignored +CVE_CHECK_WHITELIST += "\ + CVE-2019-16868 \ + CVE-2019-17073 \ + CVE-2021-44584 \ + CVE-2022-1526 \ + CVE-2022-3968 \ + CVE-2023-43291 \ +" |