diff mbox series

[kirkstone,4/5] gstreame1.0: ignore CVEs from gstreamer1.0-plugins-bad

Message ID 20241231212511.3649711-5-peter.marko@siemens.com
State Under Review
Delegated to: Steve Sakoman
Headers show
Series kirkstone CVE cleanup | expand

Commit Message

Peter Marko Dec. 31, 2024, 9:25 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

These CVEs are patched in gstreamer1.0-plugins-bad.
CPE for gstreamer-plugins-bad mostly hits original gstreamer recipe.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb
index 2c9c6944b0..cf81620833 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb
@@ -69,7 +69,7 @@  FILES:${PN}-dbg += "${datadir}/gdb ${datadir}/gstreamer-1.0/gdb"
 
 CVE_PRODUCT = "gstreamer"
 
-# this CVE is patched in gstreamer1.0-plugins-bad
-CVE_CHECK_IGNORE += "CVE-2024-0444"
+# these CVEs are patched in gstreamer1.0-plugins-bad
+CVE_CHECK_IGNORE += "CVE-2023-40474 CVE-2023-40475 CVE-2023-40476 CVE-2023-44429 CVE-2023-44446 CVE-2023-50186 CVE-2024-0444"
 
 PTEST_BUILD_HOST_FILES = ""