cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

- Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Andrej Valek <andrej.valek@siemens.com> 2023-07-26 11:50:09 +0200
committer: Khem Raj <raj.khem@gmail.com> 2023-07-27 08:54:40 -0700
commit: 8af2f17a6fa8bf282c4c27054adbea1bf0873069 (patch)
tree: 22b6484379a0f3d3e2b89f958dda0fd45f2a1880 /meta-oe/recipes-support/pidgin
parent: 4c201ede939610946847ccd4221320ed776224aa (diff)
download: meta-openembedded-contrib-8af2f17a6fa8bf282c4c27054adbea1bf0873069.tar.gz
1 files changed, 2 insertions, 4 deletions
diff --git a/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb b/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb
index 3d8a45786d..3a0cc02299 100644
--- a/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb
+++ b/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb
@@ -15,10 +15,8 @@ SRC_URI = "\
 
 SRC_URI[sha256sum] = "19654ad276b149646371fbdac21bc7620742f2975f7399fed0ffc1a18fbaf603"
 
-CVE_CHECK_IGNORE += "\
-    CVE-2010-1624 \
-    CVE-2011-3594 \
-"
+CVE_CHECK_STATUS[CVE-2010-1624] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
+CVE_CHECK_STATUS[CVE-2011-3594] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
 
 PACKAGECONFIG ??= "gnutls consoleui avahi dbus idn nss \
     ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtk startup-notification', '', d)} \
author	Andrej Valek <andrej.valek@siemens.com>	2023-07-26 11:50:09 +0200
committer	Khem Raj <raj.khem@gmail.com>	2023-07-27 08:54:40 -0700
commit	8af2f17a6fa8bf282c4c27054adbea1bf0873069 (patch)
tree	22b6484379a0f3d3e2b89f958dda0fd45f2a1880 /meta-oe/recipes-support/pidgin
parent	4c201ede939610946847ccd4221320ed776224aa (diff)
download	meta-openembedded-contrib-8af2f17a6fa8bf282c4c27054adbea1bf0873069.tar.gz