22922 and 22923 were fixed by upstream by simply removing metalink
support in newer versions. These are mitigated in older versions by
disabling metalink support, which was already done by the recipe, so
whitelist these CVEs.
22945, 22946, and 22947 are backported with only trivial patch fuzz
modifications.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>