On 7/29/23 5:34 PM, Marko, Peter wrote:
Hi Armin,

Gentle ping to pick this commit to kirkstone.

merged. thanks.
-armin

Thanks,
   Peter

-----Original Message-----
From: yocto@lists.yoctoproject.org <yocto@lists.yoctoproject.org> On Behalf Of 
Peter Marko via lists.yoctoproject.org
Sent: Friday, June 30, 2023 0:10
To: yocto@lists.yoctoproject.org
Cc: Marko, Peter (ADV D EU SK BFS1) <peter.ma...@siemens.com>
Subject: [yocto] [meta-security][kirkstone][PATCH] tpm2-tss: ignore 
CVE-2023-22745

From: Peter Marko <peter.ma...@siemens.com>

As already mentioned in upgrade commit, this CVE is fixed.
But cve_check still reports it as NVD DB was not updated.

Signed-off-by: Peter Marko <peter.ma...@siemens.com>
---
  meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb | 3 +++
  1 file changed, 3 insertions(+)

diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb 
b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
index 9b76c2f..4d2c911 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
@@ -88,3 +88,6 @@ FILES:${PN} = "\
      ${sysconfdir}/sysusers.d"
RDEPENDS:libtss2 = "libgcrypt"
+
+# This is patched in 3.2.2, NVD DB was not updated to reflect this backport
+CVE_CHECK_IGNORE += "CVE-2023-22745"
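Review bot: the comment above the CVE_CHECK_IGNORE line is ambiguous about where the fix comes from. It says "patched in 3.2.2", which is the version in this recipe's file name, and then calls it a "backport". If the fix is part of the 3.2.2 release itself, drop "backport" and say the release contains the fix. If a patch was carried, name it. Pointing at the upgrade commit mentioned in the commit message would let a later reader verify the claim. It would also help to note that the ignore should be removed once the NVD entry is corrected, since the line as written keeps suppressing CVE-2023-22745 in cve_check output indefinitely.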
--
2.30.2

