[meta-security,kirkstone] tpm2-tss: ignore CVE-2023-22745

Message ID	20230629221020.17674-1-peter.marko@siemens.com
State	New
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.65.227, mailfrom: fm-256628-202306292211160cf9c63ca05abf5959-ji___1@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: yocto@lists.yoctoproject.org Cc: Peter Marko <peter.marko@siemens.com> Subject: [meta-security][kirkstone][PATCH] tpm2-tss: ignore CVE-2023-22745 Date: Fri, 30 Jun 2023 00:10:20 +0200 Message-Id: <20230629221020.17674-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	[meta-security,kirkstone] tpm2-tss: ignore CVE-2023-22745 \| expand [meta-security,kirkstone] tpm2-tss: ignore CVE-2023-22745

Message ID

20230629221020.17674-1-peter.marko@siemens.com

State

New

Headers

From: Peter Marko <peter.marko@siemens.com>
To: yocto@lists.yoctoproject.org
Cc: Peter Marko <peter.marko@siemens.com>
Subject: [meta-security][kirkstone][PATCH] tpm2-tss: ignore CVE-2023-22745
Date: Fri, 30 Jun 2023 00:10:20 +0200
Message-Id: <20230629221020.17674-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

[meta-security,kirkstone] tpm2-tss: ignore CVE-2023-22745 | expand

Commit Message

Peter Marko June 29, 2023, 10:10 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

As already mentioned in upgrade commit, this CVE is fixed.
But cve_check still reports it as NVD DB was not updated.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
index 9b76c2f..4d2c911 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
@@ -88,3 +88,6 @@  FILES:${PN} = "\
     ${sysconfdir}/sysusers.d"
 
 RDEPENDS:libtss2 = "libgcrypt"
+
+# This is patched in 3.2.2, NVD DB was not updated to reflect this backport
+CVE_CHECK_IGNORE += "CVE-2023-22745"

[meta-security,kirkstone] tpm2-tss: ignore CVE-2023-22745

Commit Message

Patch