diff options
author | Davide Gardenal <davidegarde2000@gmail.com> | 2022-07-04 11:40:55 +0200 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2022-07-06 00:08:14 -0400 |
commit | eaf1ea2e1fe9201af66426cdab0ae680362fbf83 (patch) | |
tree | 2e0078a6e06cb2b74a3c3cfd9a9f934baf6cafa8 /meta-oe/recipes-core/emlog | |
parent | 19061fea1586fc259a2dfdcb61fc4235307dc6b4 (diff) | |
download | meta-openembedded-eaf1ea2e1fe9201af66426cdab0ae680362fbf83.tar.gz |
emlog: ignore unrelated CVEs
This product is not present in the NVD database but another
one with exactly the same name is in fact present. For that
reason cve-check is outputting CVEs that are unrelated so they
can be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe/recipes-core/emlog')
-rw-r--r-- | meta-oe/recipes-core/emlog/emlog_git.bb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index be9ae58232..05fa0c334c 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb @@ -24,3 +24,14 @@ do_install() { } RRECOMMENDS:${PN} += "kernel-module-emlog" + +# The NVD database doesn't have a CPE for this product, +# the name of this product is exactly the same as github.com/emlog/emlog +# but it's not related in any way. The following CVEs are from that project +# so they can be safely ignored +CVE_CHECK_IGNORE += "\ + CVE-2019-16868 \ + CVE-2019-17073 \ + CVE-2021-44584 \ + CVE-2022-1526 \ +" |