[meta-oe,scarthgap,5/8] redis: ignore CVE-2022-0543

Message ID	20251130203511.462501-5-skandigraun@gmail.com
State	New
Headers	show Return-Path: <skandigraun@gmail.com> ip: 209.85.128.48, mailfrom: skandigraun@gmail.com) From: Gyorgy Sarvari <skandigraun@gmail.com> To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][scarthgap][PATCH 5/8] redis: ignore CVE-2022-0543 Date: Sun, 30 Nov 2025 21:35:08 +0100 Message-ID: <20251130203511.462501-5-skandigraun@gmail.com> In-Reply-To: <20251130203511.462501-1-skandigraun@gmail.com> References: <20251130203511.462501-1-skandigraun@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[meta-oe,scarthgap,1/8] yasm: add alternative CVE_PRODUCT \| expand [meta-oe,scarthgap,1/8] yasm: add alternative CVE_PRODUCT [meta-oe,scarthgap,2/8] yasm: patch CVE-2023-29579 [meta-oe,scarthgap,3/8] yasm: patch CVE-2021-33464 [meta-oe,scarthgap,4/8] yasm: patch CVE-2021-33456 [meta-oe,scarthgap,5/8] redis: ignore CVE-2022-0543 [meta-oe,scarthgap,6/8] redis: handle CVE-2025-27151 [meta-networking,scarthgap,7/8] nbdkit: patch CVE-2025-47711 [meta-networking,scarthgap,8/8] nbdkit: patch CVE-2025-47712

Message ID

20251130203511.462501-5-skandigraun@gmail.com

State

New

Headers

From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][scarthgap][PATCH 5/8] redis: ignore CVE-2022-0543
Date: Sun, 30 Nov 2025 21:35:08 +0100
Message-ID: <20251130203511.462501-5-skandigraun@gmail.com>
In-Reply-To: <20251130203511.462501-1-skandigraun@gmail.com>
References: <20251130203511.462501-1-skandigraun@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[meta-oe,scarthgap,1/8] yasm: add alternative CVE_PRODUCT | expand

Commit Message

Gyorgy Sarvari Nov. 30, 2025, 8:35 p.m. UTC

Details: https://nvd.nist.gov/vuln/detail/CVE-2022-0543

The issue is specific to the version packaged by Debian, it can be ignored.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-extended/redis/redis_6.2.21.bb | 2 ++
 meta-oe/recipes-extended/redis/redis_7.2.12.bb | 1 +
 2 files changed, 3 insertions(+)

diff --git a/meta-oe/recipes-extended/redis/redis_6.2.21.bb b/meta-oe/recipes-extended/redis/redis_6.2.21.bb
index e0bf92b210..efa8677e76 100644
--- a/meta-oe/recipes-extended/redis/redis_6.2.21.bb
+++ b/meta-oe/recipes-extended/redis/redis_6.2.21.bb
@@ -65,3 +65,5 @@  INITSCRIPT_NAME = "redis-server"
 INITSCRIPT_PARAMS = "defaults 87"
 
 SYSTEMD_SERVICE:${PN} = "redis.service"
+
+CVE_STATUS[CVE-2022-0543] = "not-applicable-config: the vulnerability is not present in upstream, only in Debian-packaged versions"
diff --git a/meta-oe/recipes-extended/redis/redis_7.2.12.bb b/meta-oe/recipes-extended/redis/redis_7.2.12.bb
index bc60f75b01..cd2be6f27e 100644
--- a/meta-oe/recipes-extended/redis/redis_7.2.12.bb
+++ b/meta-oe/recipes-extended/redis/redis_7.2.12.bb
@@ -70,3 +70,4 @@  INITSCRIPT_PARAMS = "defaults 87"
 SYSTEMD_SERVICE:${PN} = "redis.service"
 
 CVE_STATUS[CVE-2022-3734] = "not-applicable-platform: CVE only applies for Windows."
+CVE_STATUS[CVE-2022-0543] = "not-applicable-config: the vulnerability is not present in upstream, only in Debian-packaged versions"

[meta-oe,scarthgap,5/8] redis: ignore CVE-2022-0543

Commit Message

Patch