| Message ID | 20250516111027.1710115-1-ross.burton@arm.com |
|---|---|
| State | Accepted, archived |
| Commit | 252b52ce3fd51acda6ab9108ea6354cb0885a4f7 |
| Headers | show |
| Series | Revert "xserver-xorg: mark CVEs fixed in 21.1.16 as fixed" | expand |
Would be great if someone could delete broken cve-check sqlite DBs from autobuilder infrastructure. It contains stale data from over a month ago and these reverts caused these CVEs to reappear on https://valkyrie.yocto.io/pub/non-release/patchmetrics/ Peter > -----Original Message----- > From: openembedded-core@lists.openembedded.org <openembedded- > core@lists.openembedded.org> On Behalf Of Ross Burton via > lists.openembedded.org > Sent: Friday, May 16, 2025 13:10 > To: openembedded-core@lists.openembedded.org > Subject: [OE-core] [PATCH] Revert "xserver-xorg: mark CVEs fixed in 21.1.16 as > fixed" > > The CPE data in the NVD database is now complete, so these overrides are > no longer needed. > > This reverts commit e3419fbaf2999a821e1890a12ab27285cc25b577. > > Signed-off-by: Ross Burton <ross.burton@arm.com> > --- > meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 4 ---- > 1 file changed, 4 deletions(-) > > diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes- > graphics/xorg-xserver/xserver-xorg.inc > index fbe860c6ea2..7645f11c146 100644 > --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc > +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc > @@ -154,7 +154,3 @@ python add_xorg_abi_depends() { > PACKAGEFUNCS =+ "add_xorg_abi_provides add_xorg_abi_depends" > > CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', > 'xvfb', 'unpatched', 'not-applicable-config: specific to Xvfb', d)}" > - > -CVE_STATUS_GROUPS = "CVE_STATUS_REDHAT" > -CVE_STATUS_REDHAT = "CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 > CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025- > 26601" > -CVE_STATUS_REDHAT[status] = "fixed-version: these are tracked as versionless > redhat CVEs in NVD DB, fixed in 21.1.16" > -- > 2.43.0
On Wed, 2025-05-21 at 11:25 +0000, Marko, Peter wrote: > Would be great if someone could delete broken cve-check sqlite DBs > from autobuilder infrastructure. > It contains stale data from over a month ago and these reverts caused > these CVEs to reappear on > https://valkyrie.yocto.io/pub/non-release/patchmetrics/ I went ahead and did this. Cheers, Richard
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc index fbe860c6ea2..7645f11c146 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc @@ -154,7 +154,3 @@ python add_xorg_abi_depends() { PACKAGEFUNCS =+ "add_xorg_abi_provides add_xorg_abi_depends" CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', 'unpatched', 'not-applicable-config: specific to Xvfb', d)}" - -CVE_STATUS_GROUPS = "CVE_STATUS_REDHAT" -CVE_STATUS_REDHAT = "CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601" -CVE_STATUS_REDHAT[status] = "fixed-version: these are tracked as versionless redhat CVEs in NVD DB, fixed in 21.1.16"
The CPE data in the NVD database is now complete, so these overrides are no longer needed. This reverts commit e3419fbaf2999a821e1890a12ab27285cc25b577. Signed-off-by: Ross Burton <ross.burton@arm.com> --- meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 4 ---- 1 file changed, 4 deletions(-)