diff mbox series

[5/8] base-files: set status for CVE-2018-6557

Message ID 20260426120253.825060-5-peter.marko@siemens.com
State Under Review
Headers show
Series [1/8] harfbuzz: set status for CVE-2024-56732 | expand

Commit Message

Peter Marko April 26, 2026, 12:02 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

CPE in NVD [1] shows ubuntu.
Debian [1] says "Ubuntu specific motd update code".
cvelistV5 has unparseable CPE so it sbom-cve-check assumes vulnerable
  ("lessThan": "10.1ubuntu2.2").

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-core/base-files/base-files_3.0.14.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-core/base-files/base-files_3.0.14.bb b/meta/recipes-core/base-files/base-files_3.0.14.bb
index 3f01bb35d9..d4d777b485 100644
--- a/meta/recipes-core/base-files/base-files_3.0.14.bb
+++ b/meta/recipes-core/base-files/base-files_3.0.14.bb
@@ -167,3 +167,5 @@  CONFFILES:${PN} = "${sysconfdir}/fstab ${@['', '${sysconfdir}/hostname ${sysconf
 CONFFILES:${PN} += "${sysconfdir}/motd ${sysconfdir}/nsswitch.conf ${sysconfdir}/profile"
 
 INSANE_SKIP:${PN} += "empty-dirs"
+
+CVE_STATUS[CVE-2018-6557] = "not-applicable-platform: Ubuntu specific motd update code"