cve-extra-exclusions: ignore inapplicable linux-yocto CVEs - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Geoffrey GIRY <geoffrey.giry@smile.fr>	2023-04-05 12:34:54 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-04-05 17:25:45 +0100
commit	5feb065f1b1aaf218f71cc9d31a9251b139b9442 (patch)
tree	b88d45a1c6fcd75db61853b04e60bba0476956c7 /meta/recipes-devtools/qemu/qemu
parent	b3e2729f686ff6e16e11590bcd701c057ae5f1e2 (diff)
download	openembedded-core-contrib-5feb065f1b1aaf218f71cc9d31a9251b139b9442.tar.gz

cve-extra-exclusions: ignore inapplicable linux-yocto CVEs

Multiple CVEs are patched in kernel but appear as active because the NVD database is not up to date. In common file cve-extra-exclusion.inc, CVEs are ignored if and only if all versions of kernel used are patched. In cve-exclusion_6.1.inc, only ignore CVEs that are patched in v6.1, and not patched in v5.15. Recipes of version 6.1 should include this file. Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Geoffrey GIRY <geoffrey.giry@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-devtools/qemu/qemu')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: