From: Ross Burton <ross.burton@arm.com>
Date: Fri, 16 May 2025 11:10:27 +0000 (+0100)
Subject: Revert "xserver-xorg: mark CVEs fixed in 21.1.16 as fixed"
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=252b52ce3fd51acda6ab9108ea6354cb0885a4f7;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

Revert "xserver-xorg: mark CVEs fixed in 21.1.16 as fixed"

The CPE data in the NVD database is now complete, so these overrides are
no longer needed.

This reverts commit e3419fbaf2999a821e1890a12ab27285cc25b577.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
---

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index fbe860c6ea..7645f11c14 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -154,7 +154,3 @@ python add_xorg_abi_depends() {
 PACKAGEFUNCS =+ "add_xorg_abi_provides add_xorg_abi_depends"
 
 CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', 'unpatched', 'not-applicable-config: specific to Xvfb', d)}"
-
-CVE_STATUS_GROUPS = "CVE_STATUS_REDHAT"
-CVE_STATUS_REDHAT = "CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601"
-CVE_STATUS_REDHAT[status] = "fixed-version: these are tracked as versionless redhat CVEs in NVD DB, fixed in 21.1.16"