From bf84ac1c4c1a00c2aa92a09fbdfae128d055fe05 Mon Sep 17 00:00:00 2001
From: Ninette Adhikari <ninette@thehoodiefirm.com>
Date: Wed, 26 Jun 2024 07:21:09 -0700
Subject: mercurial: Update CVE status for CVE-2022-43410

The recipe used in the `meta-openembedded` is a different mercurial package compared to the one which has the CVE issue.
Package used in `meta-embedded`: https://www.mercurial-scm.org/
Package with CVE issue is a Jenkins plugin: https://plugins.jenkins.io/mercurial/
(This is reflected in the CPE)

Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb b/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb
index 89e6744dca..395a330790 100644
--- a/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb
+++ b/meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb
@@ -34,3 +34,4 @@ PACKAGES =+ "${PN}-python"
 FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR} ${datadir}"
 FILES:${PN}-python = "${nonarch_libdir}/${PYTHON_DIR}"
 
+CVE_STATUS[CVE-2022-43410] = "cpe-incorrect: The recipe used in the `meta-openembedded` is a different mercurial package compared to the one which has the CVE issue."
-- 
cgit v1.2.3-54-g00ecf