]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8fbf7ec)
bluez5: correct CVE status of ignored CVEs
authorPeter Marko <peter.marko@siemens.com>
Mon, 31 Jul 2023 07:02:32 +0000 (09:02 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 31 Jul 2023 13:48:55 +0000 (14:48 +0100)
Rewrite of CVE_CHECK_IGNORE to CVE_STATUS contained copy+paste
problem changing CVE numbers.

CVE-2020-12352 -> CVE-2022-3563
CVE-2020-24490 -> CVE-2022-3637

CVE-2020-12352 is now for kernel only in NVD BD, so remove it.
CVE-2020-24490 is corrected in this commit.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/bluez5/bluez5_5.68.bb patch | blob | blame | history

diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.68.bb b/meta/recipes-connectivity/bluez5/bluez5_5.68.bb
index f8405ed09195e4f04bdc71e6416fefb319a0992a..7c7ad75ed8139a1b5cbe4249e3bbb8ccccfe4a08 100644 (file)
--- a/meta/recipes-connectivity/bluez5/bluez5_5.68.bb
+++ b/meta/recipes-connectivity/bluez5/bluez5_5.68.bb
@@ -2,8 +2,7 @@ require bluez5.inc
 
 SRC_URI[sha256sum] = "fc505e6445cb579a55cacee6821fe70d633921522043d322b696de0a175ff933"
 
-CVE_STATUS[CVE-2022-3563] = "cpe-incorrect: This issues have kernel fixes rather than bluez fixes"
-CVE_STATUS[CVE-2022-3637] = "cpe-incorrect: This issues have kernel fixes rather than bluez fixes"
+CVE_STATUS[CVE-2020-24490] = "cpe-incorrect: This issue has kernel fixes rather than bluez fixes"
 
 # noinst programs in Makefile.tools that are conditional on READLINE
 # support
Mirror of git://git.openembedded.org/openembedded-core-contrib