The CVEs: * CVE-2019-16868 * CVE-2019-17073 * CVE-2021-44584 * CVE-2022-1526 * CVE-2022-3968 * CVE-2023-43291 ... apply to the other "emlog" and can be safely ignored.
Signed-off-by: Yoann Congal <[email protected]> --- meta-oe/recipes-core/emlog/emlog_git.bb | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index 387dd6712..a503ab82b 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb @@ -24,3 +24,16 @@ do_install() { } RRECOMMENDS_${PN} += "kernel-module-emlog" + +# The NVD database doesn't have a CPE for this product, +# the name of this product is exactly the same as github.com/emlog/emlog +# but it's not related in any way. The following CVEs are from that project +# so they can be safely ignored +CVE_CHECK_WHITELIST += "\ + CVE-2019-16868 \ + CVE-2019-17073 \ + CVE-2021-44584 \ + CVE-2022-1526 \ + CVE-2022-3968 \ + CVE-2023-43291 \ +" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#106706): https://lists.openembedded.org/g/openembedded-devel/message/106706 Mute This Topic: https://lists.openembedded.org/mt/102580870/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
