CVE-2022-3734 only affects Windows. CVE-2022-0543 affects only packages that were packaged for Debian and Debian-derivative distros.
Neither of these issues is present in upstream Redis. Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-oe/recipes-extended/redis/redis_7.0.15.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-oe/recipes-extended/redis/redis_7.0.15.bb b/meta-oe/recipes-extended/redis/redis_7.0.15.bb index 7b5d55467d..61a088775b 100644 --- a/meta-oe/recipes-extended/redis/redis_7.0.15.bb +++ b/meta-oe/recipes-extended/redis/redis_7.0.15.bb @@ -34,6 +34,11 @@ SRC_URI[sha256sum] = "98066f5363504b26c34dd20fbcc3c957990d764cdf42576c836fc02107 inherit autotools-brokensep update-rc.d systemd useradd +# not-applicable-config: the vulnerability is not present in upstream, only in Debian-packaged version +CVE_CHECK_IGNORE += "CVE-2022-0543" +# not-applicable-config: only affects Windows +CVE_CHECK_IGNORE += "CVE-2022-3734" + FINAL_LIBS:x86:toolchain-clang = "-latomic" FINAL_LIBS:riscv32:toolchain-clang = "-latomic" FINAL_LIBS:mips = "-latomic"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#121996): https://lists.openembedded.org/g/openembedded-devel/message/121996 Mute This Topic: https://lists.openembedded.org/mt/116438166/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
