[3/8] cve-extra-exclusions: ignore CVE-2019-2708

Message ID	20260426120253.825060-3-peter.marko@siemens.com
State	Under Review
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.65.225, mailfrom: fm-256628-20260426120329c971408c6100020707-hhmvkz@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-core@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com> Subject: [PATCH 3/8] cve-extra-exclusions: ignore CVE-2019-2708 Date: Sun, 26 Apr 2026 14:02:48 +0200 Message-ID: <20260426120253.825060-3-peter.marko@siemens.com> In-Reply-To: <20260426120253.825060-1-peter.marko@siemens.com> References: <20260426120253.825060-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	[1/8] harfbuzz: set status for CVE-2024-56732 \| expand [1/8] harfbuzz: set status for CVE-2024-56732 [2/8] gnutls: set status for CVE-2026-1584 [3/8] cve-extra-exclusions: ignore CVE-2019-2708 [4/8] bind: set status for CVE-2017-3139 [5/8] base-files: set status for CVE-2018-6557 [6/8] rsync: set status for CVE-2024-12084 [7/8] python3-requests: set status for CVE-2024-35195 [8/8] python3-requests: set status for CVE-2024-47081

Message ID

20260426120253.825060-3-peter.marko@siemens.com

State

Under Review

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-core@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>
Subject: [PATCH 3/8] cve-extra-exclusions: ignore CVE-2019-2708
Date: Sun, 26 Apr 2026 14:02:48 +0200
Message-ID: <20260426120253.825060-3-peter.marko@siemens.com>
In-Reply-To: <20260426120253.825060-1-peter.marko@siemens.com>
References: <20260426120253.825060-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

[1/8] harfbuzz: set status for CVE-2024-56732 | expand

Commit Message

Peter Marko April 26, 2026, 12:02 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

Yet another CVE for berkeley DB, ignore as all others.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/conf/distro/include/cve-extra-exclusions.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index ffbbb7bef1..0685549e00 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -49,7 +49,7 @@  CVE_STATUS_DB = "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-201
 CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \
 CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \
 CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \
-CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981"
+CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2019-2708 CVE-2020-2981"
 CVE_STATUS_DB[status] = "upstream-wontfix: cpe:*:berkeley_db: Since Oracle relicensed bdb, the open source community is slowly but surely \
 replacing bdb with supported and open source friendly alternatives. As a result this CVE is unlikely to ever be fixed."

[3/8] cve-extra-exclusions: ignore CVE-2019-2708

Commit Message

Patch