diff mbox series

[meta-oe,6/6] minio: ignore irrelevant CVEs

Message ID 20260413180227.755337-6-skandigraun@gmail.com
State New
Headers show
Series [meta-networking,1/6] corosync: patch CVE-2026-35091 | expand

Commit Message

Gyorgy Sarvari April 13, 2026, 6:02 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33419
https://nvd.nist.gov/vuln/detail/CVE-2026-34204

These CVEs were filed against minio server, but this recipe is for minio
client tools, which is a related, but different project.

Ignore these CVEs.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-oe/recipes-extended/minio/minio_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/meta-oe/recipes-extended/minio/minio_git.bb b/meta-oe/recipes-extended/minio/minio_git.bb
index 511dd4d869..d08b5e754d 100644
--- a/meta-oe/recipes-extended/minio/minio_git.bb
+++ b/meta-oe/recipes-extended/minio/minio_git.bb
@@ -169,4 +169,4 @@  CVE_STATUS_GROUPS += "CVE_STATUS_WRONG_CPE"
 CVE_STATUS_WRONG_CPE[status] = "cpe-incorrect: The vulnerability is in minio server, not in minio client-tools"
 CVE_STATUS_WRONG_CPE = "CVE-2018-1000538 CVE-2020-11012 CVE-2021-21287 CVE-2021-21362 \
                         CVE-2021-21390 CVE-2021-43858 CVE-2022-35919 CVE-2023-28433 \
-                        CVE-2023-28434 CVE-2024-36107"
+                        CVE-2023-28434 CVE-2024-36107 CVE-2026-33419 CVE-2026-34204"