From: Ross Burton <ross.burton@arm.com>
Date: Wed, 27 Sep 2023 11:46:59 +0000 (+0800)
Subject: xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific
X-Git-Tag: yocto-4.0.14~59
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=96d36b97d9c6d1f5e79b1bea79f182561423fecb;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific

(cherry-pick from commit 769576f36aac9652525beec5c7e8a4d26632b844 )

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 6b11c79be6e..ecb164ddf76 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -28,6 +28,8 @@ CVE_CHECK_IGNORE += "CVE-2011-4613"
 # impossible or difficult to exploit. There is currently no upstream patch
 # available for this flaw.
 CVE_CHECK_IGNORE += "CVE-2020-25697"
+# This is specific to XQuartz, which is the macOS X server port
+CVE_CHECK_IGNORE += "CVE-2022-3553"
 
 S = "${WORKDIR}/${XORG_PN}-${PV}"