CVE-2022-3734 only affects Windows. CVE-2022-0543 affects only packages that were packaged for Debian and Debian-derivative distros.
Neither of these issues is present in upstream Redis. Signed-off-by: Gyorgy Sarvari <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit 8f1269507ad95d56aeab3cdd0c0178e194506ca8) Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE) Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-oe/recipes-extended/redis/redis_6.2.12.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-oe/recipes-extended/redis/redis_6.2.12.bb b/meta-oe/recipes-extended/redis/redis_6.2.12.bb index 0fdd3da327..5de97c5e77 100644 --- a/meta-oe/recipes-extended/redis/redis_6.2.12.bb +++ b/meta-oe/recipes-extended/redis/redis_6.2.12.bb @@ -25,6 +25,11 @@ SRC_URI[sha256sum] = "75352eef41e97e84bfa94292cbac79e5add5345fc79787df5cbdff7033 inherit autotools-brokensep update-rc.d systemd useradd +# not-applicable-config: the vulnerability is not present in upstream, only in Debian-packaged version +CVE_CHECK_IGNORE += "CVE-2022-0543" +# not-applicable-config: only affects Windows +CVE_CHECK_IGNORE += "CVE-2022-3734" + FINAL_LIBS:x86:toolchain-clang = "-latomic" FINAL_LIBS:riscv32:toolchain-clang = "-latomic" FINAL_LIBS:mips = "-latomic"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#121993): https://lists.openembedded.org/g/openembedded-devel/message/121993 Mute This Topic: https://lists.openembedded.org/mt/116438163/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
