diff options
| author | Davide Gardenal <davidegarde2000@gmail.com> | 2022-07-04 11:40:55 +0200 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2022-07-06 00:08:14 -0400 |
| commit | eaf1ea2e1fe9201af66426cdab0ae680362fbf83 (patch) | |
| tree | 2e0078a6e06cb2b74a3c3cfd9a9f934baf6cafa8 | |
| parent | 19061fea1586fc259a2dfdcb61fc4235307dc6b4 (diff) | |
| download | meta-openembedded-eaf1ea2e1fe9201af66426cdab0ae680362fbf83.tar.gz | |
emlog: ignore unrelated CVEs
This product is not present in the NVD database but another
one with exactly the same name is in fact present. For that
reason cve-check is outputting CVEs that are unrelated so they
can be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-oe/recipes-core/emlog/emlog_git.bb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index be9ae58232..05fa0c334c 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb | |||
| @@ -24,3 +24,14 @@ do_install() { | |||
| 24 | } | 24 | } |
| 25 | 25 | ||
| 26 | RRECOMMENDS:${PN} += "kernel-module-emlog" | 26 | RRECOMMENDS:${PN} += "kernel-module-emlog" |
| 27 | |||
| 28 | # The NVD database doesn't have a CPE for this product, | ||
| 29 | # the name of this product is exactly the same as github.com/emlog/emlog | ||
| 30 | # but it's not related in any way. The following CVEs are from that project | ||
| 31 | # so they can be safely ignored | ||
| 32 | CVE_CHECK_IGNORE += "\ | ||
| 33 | CVE-2019-16868 \ | ||
| 34 | CVE-2019-17073 \ | ||
| 35 | CVE-2021-44584 \ | ||
| 36 | CVE-2022-1526 \ | ||
| 37 | " | ||