From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 13 Sep 2022 00:51:32 +0000 (-0700)
Subject: binutils: Ignore CVE-2022-38126 CVE-2022-38127
X-Git-Tag: 2022-10~112
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5789c34b3e77937d034817a0cbd73bc1e4dcf451;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

binutils: Ignore CVE-2022-38126 CVE-2022-38127

They are already part of backports to 2_36 branch
as noted

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-devtools/binutils/binutils-2.39.inc b/meta/recipes-devtools/binutils/binutils-2.39.inc
index 37627c8f933..e4fdb732435 100644
--- a/meta/recipes-devtools/binutils/binutils-2.39.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.39.inc
@@ -34,3 +34,7 @@ SRC_URI = "\
      file://0013-CVE-2022-38533.patch \
 "
 S  = "${WORKDIR}/git"
+# Already in 2.39 branch
+# - https://sourceware.org/bugzilla/show_bug.cgi?id=29289
+# - https://sourceware.org/bugzilla/show_bug.cgi?id=29290
+CVE_CHECK_IGNORE += "CVE-2022-38126 CVE-2022-38127"