From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Mon, 10 May 2021 12:36:02 +0000 (+0100)
Subject: qemu: Exclude CVE-2018-18438 from cve-check
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=05f39301ab19a968916163b2d8f65beda7c09852;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

qemu: Exclude CVE-2018-18438 from cve-check

The issues were investigated and found not to be an issue therefore
exclude from checks.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ee6ee9bd489c126b99d15c1011560df2f840a6e9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 396ff1c5ebe..8f927bdf54b 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -68,6 +68,10 @@ CVE_CHECK_WHITELIST += "CVE-2017-5957"
 # enable it by default.
 CVE_CHECK_WHITELIST += "CVE-2007-0998"
 
+# 'The issues identified by this CVE were determined to not constitute a vulnerability.'
+# https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
+CVE_CHECK_WHITELIST += "CVE-2018-18438"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"