Message ID | 20240809055700.3231161-1-hetpat@cisco.com |
---|---|
State | Accepted, archived |
Commit | 119b775b36dfd51286493763cffb6e965893b8fd |
Headers | show |
Series | [master,v2] zlib: Add CVE_PRODUCT to exclude false positives | expand |
diff --git a/meta/recipes-core/zlib/zlib_1.3.1.bb b/meta/recipes-core/zlib/zlib_1.3.1.bb index e6a81ef789..486431dfff 100644 --- a/meta/recipes-core/zlib/zlib_1.3.1.bb +++ b/meta/recipes-core/zlib/zlib_1.3.1.bb @@ -47,4 +47,6 @@ do_install_ptest() { BBCLASSEXTEND = "native nativesdk" CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip" -CVE_STATUS[CVE-2023-6992] = "cpe-incorrect: this CVE is for cloudflare zlib" + +# Adding 'CVE_PRODUCT' to avoid false detection of CVEs +CVE_PRODUCT = "zlib:zlib gnu:zlib"
To avoid false positives (such as CVE-2023-6992, cloudflare:zlib), add a CVE_PRODUCT to identify the vendors that have been used. Removing the present existing CVE_STATUS for CVE-2023-6992. Signed-off-by: Het Patel <hetpat@cisco.com> --- meta/recipes-core/zlib/zlib_1.3.1.bb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)