From: Ross Burton <ross.burton@arm.com>
Date: Mon, 27 Feb 2023 16:21:29 +0000 (+0000)
Subject: glibc: remove obsolete CVE ignores
X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~1554
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a383d0e726011007419dd102cd6484733d80d9f6;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

glibc: remove obsolete CVE ignores

Remove some obsolete CVE ignores now that releases have been made, CPEs
updated, or upgrades done:

CVE-2020-10029 is marked as fixed in 2.32.

CVE-2021-27645 is marked as fixed in 2.34.

CVE-2022-39046 is marked as fixed in 2.37.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-core/glibc/glibc_2.37.bb b/meta/recipes-core/glibc/glibc_2.37.bb
index 31c94929b93..762a2793ad3 100644
--- a/meta/recipes-core/glibc/glibc_2.37.bb
+++ b/meta/recipes-core/glibc/glibc_2.37.bb
@@ -1,8 +1,6 @@
 require glibc.inc
 require glibc-version.inc
 
-CVE_CHECK_IGNORE += "CVE-2020-10029 CVE-2021-27645"
-
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
@@ -16,9 +14,6 @@ CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
 # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
 CVE_CHECK_IGNORE += "CVE-2019-1010025"
 
-# This has been integrated into the 2.36 branch as of c399271 so is now fixed
-CVE_CHECK_IGNORE += "CVE-2022-39046"
-
 # This is integrated into the 2.37 branch as of 07b9521fc6
 CVE_CHECK_IGNORE += "CVE-2023-25139"