ovmf: set CVE_STATUS for CVE-2014-8271

CVE-2014-8271 has an unusual versioning, svn_16280, which breaks the version comparison and gives us warning like below: Failed to compare 202308 < svn_16280 for CVE-2014-8271 The fix has been there since 2014, our current version has included the fix. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Chen Qi <Qi.Chen@windriver.com> 2024-04-06 12:41:29 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-04-08 11:01:05 +0100
commit: fdd74b3f3e3a8a07a6107e6ef07198ebe63d2bc8 (patch)
tree: 6e31b80d1d5e206673cac1d9b1365c0d216a5589 /meta/recipes-core
parent: 486ed69939f1b7572f121960c2dde246032686e7 (diff)
download: openembedded-core-fdd74b3f3e3a8a07a6107e6ef07198ebe63d2bc8.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb
index 5b1353b8e8..f98cec8035 100644
--- a/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/meta/recipes-core/ovmf/ovmf_git.bb
@@ -33,6 +33,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>edk2-stable.*)"
 CVE_PRODUCT = "edk2"
 CVE_VERSION = "${@d.getVar('PV').split('stable')[1]}"
 
+CVE_STATUS[CVE-2014-8271] = "fixed-version: Fixed in svn_16280, which is an unusual versioning breaking version comparison."
+
 inherit deploy
 
 PARALLEL_MAKE = ""
author	Chen Qi <Qi.Chen@windriver.com>	2024-04-06 12:41:29 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2024-04-08 11:01:05 +0100
commit	fdd74b3f3e3a8a07a6107e6ef07198ebe63d2bc8 (patch)
tree	6e31b80d1d5e206673cac1d9b1365c0d216a5589 /meta/recipes-core
parent	486ed69939f1b7572f121960c2dde246032686e7 (diff)
download	openembedded-core-fdd74b3f3e3a8a07a6107e6ef07198ebe63d2bc8.tar.gz