From: Davide Gardenal <[email protected]> CVE-2018-1078 is not for openflow but in the NVD database the CVE is for a specific implementation that we don't have so we can ignore it.
Signed-off-by: Davide Gardenal <[email protected]> (cherry picked from commit c1e7b0b993c294d52737e8e631badb5aaaefd2e3) Backported: Changed CVE_CHECK_IGNORE to CVE_CHECK_WHITELIST Signed-off-by: Yoann Congal <[email protected]> --- meta-networking/recipes-protocols/openflow/openflow.inc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-protocols/openflow/openflow.inc b/meta-networking/recipes-protocols/openflow/openflow.inc index ab538c620..c425b48e1 100644 --- a/meta-networking/recipes-protocols/openflow/openflow.inc +++ b/meta-networking/recipes-protocols/openflow/openflow.inc @@ -35,3 +35,7 @@ do_install_append() { # Remove /var/run as it is created on startup rm -rf ${D}${localstatedir}/run } + +# This CVE is not for this product but cve-check assumes it is +# because two CPE collides when checking the NVD database +CVE_CHECK_WHITELIST = "CVE-2018-1078" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#106720): https://lists.openembedded.org/g/openembedded-devel/message/106720 Mute This Topic: https://lists.openembedded.org/mt/102587752/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
