qemu: ignore CVE-2021-20295 CVE-2023-2680

Ignore RHEL specific CVE-2021-20295 CVE-2023-2680. Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Lee Chee Yang <chee.yang.lee@intel.com> 2023-12-05 10:15:52 +0800
committer: Steve Sakoman <steve@sakoman.com> 2023-12-06 04:16:56 -1000
commit: 2c0822d9e7b8e7d013ef89c7e82e19fff39228a9 (patch)
tree: 22619dac6004234c7ecd28eecdbf2409352245b2
parent: 507b9de9df375721cd307163fe06c3ee567385e8 (diff)
download: openembedded-core-contrib-2c0822d9e7b8e7d013ef89c7e82e19fff39228a9.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index a24915c35c..9dd90e8789 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -166,6 +166,13 @@ CVE_CHECK_WHITELIST += "CVE-2020-27661"
 # this bug related to windows specific.
 CVE_CHECK_WHITELIST += "CVE-2023-0664"
 
+# As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387
+# RHEL specific issue
+CVE_CHECK_WHITELIST += "CVE-2023-2680"
+
+# Affected only `qemu-kvm` shipped with Red Hat Enterprise Linux 8.3 release.
+CVE_CHECK_WHITELIST += "CVE-2021-20295"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"
author	Lee Chee Yang <chee.yang.lee@intel.com>	2023-12-05 10:15:52 +0800
committer	Steve Sakoman <steve@sakoman.com>	2023-12-06 04:16:56 -1000
commit	2c0822d9e7b8e7d013ef89c7e82e19fff39228a9 (patch)
tree	22619dac6004234c7ecd28eecdbf2409352245b2
parent	507b9de9df375721cd307163fe06c3ee567385e8 (diff)
download	openembedded-core-contrib-2c0822d9e7b8e7d013ef89c7e82e19fff39228a9.tar.gz