Message ID | 20220706094207.19551-1-davide.gardenal@huawei.com |
---|---|
State | Under Review |
Delegated to: | Armin Kuster |
Headers | show |
Series | [meta-networking,kirkstone,master] spice: ignore patched CVEs | expand |
diff --git a/meta-networking/recipes-support/spice/spice_git.bb b/meta-networking/recipes-support/spice/spice_git.bb index d9083bcbe..1887a5582 100644 --- a/meta-networking/recipes-support/spice/spice_git.bb +++ b/meta-networking/recipes-support/spice/spice_git.bb @@ -30,6 +30,12 @@ SRC_URI = " \ S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2016-0749 \ + CVE-2016-2150 \ + CVE-2018-10893 \ +" + inherit autotools gettext python3native python3-dir pkgconfig DEPENDS += "spice-protocol jpeg pixman alsa-lib glib-2.0 python3-pyparsing-native python3-six-native glib-2.0-native"
The following CVEs are already patched so we can ignore them: - CVE-2016-0749 - CVE-2016-2150 - CVE-2018-10893 This is caused by inaccurate CPE in the NVD database. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> --- meta-networking/recipes-support/spice/spice_git.bb | 6 ++++++ 1 file changed, 6 insertions(+)