From b40dd920f8b40eabe78db363249257818c63c074 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Wed, 29 Jun 2022 16:15:18 +0100
Subject: cups: ignore CVE-2022-26691

This is fixed in 2.4.2, which we have, but the complex CPE in that CVE
isn't parsed by cve-check correctly so it thinks that we're vulnerable.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-extended/cups/cups.inc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta/recipes-extended/cups')

diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 8f2ad8a009..4592980766 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -26,6 +26,8 @@ CVE_CHECK_IGNORE += "CVE-2008-1033"
 CVE_CHECK_IGNORE += "CVE-2009-0032"
 # This is an Ubuntu only issue.
 CVE_CHECK_IGNORE += "CVE-2018-6553"
+# This is fixed in 2.4.2 but the cve-check class still reports it
+CVE_CHECK_IGNORE += "CVE-2022-26691"
 
 LEAD_SONAME = "libcupsdriver.so"
 
-- 
cgit 1.2.3-korg