| Message ID | 20220217202013.2490806-1-raj.khem@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | recipe: Use new CVE_CHECK_IGNORE variable | expand |
diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_055.bb b/meta-initramfs/recipes-devtools/dracut/dracut_055.bb index 91514b8409..3eee6669a3 100644 --- a/meta-initramfs/recipes-devtools/dracut/dracut_055.bb +++ b/meta-initramfs/recipes-devtools/dracut/dracut_055.bb @@ -67,4 +67,4 @@ RRECOMMENDS:${PN} = " \ " # CVE-2010-4176 affects only Fedora -CVE_CHECK_WHITELIST += "CVE-2010-4176" +CVE_CHECK_IGNORE += "CVE-2010-4176" diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.12.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.12.bb index 5be4d2d51e..1fd30ad8af 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.12.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.12.bb @@ -38,7 +38,7 @@ UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.14(\.\d+)+).tar.gz" inherit systemd waf-samba cpan-base perlnative update-rc.d perl-version pkgconfig # CVE-2011-2411 is valnerble only on HP NonStop Servers. -CVE_CHECK_WHITELIST += "CVE-2011-2411" +CVE_CHECK_IGNORE += "CVE-2011-2411" # remove default added RDEPENDS on perl RDEPENDS:${PN}:remove = "perl" diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb index 7a6243b10b..43b69f7a21 100644 --- a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb +++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb @@ -98,4 +98,4 @@ FILES:${PN}-staticdev += "${libdir}/sasl2/*.a" INSANE_SKIP:${PN} += "dev-so" # CVE-2020-8032 affects only openSUSE -CVE_CHECK_WHITELIST += "CVE-2020-8032" +CVE_CHECK_IGNORE += "CVE-2020-8032" diff --git a/meta-networking/recipes-protocols/mdns/mdns_1310.140.1.bb b/meta-networking/recipes-protocols/mdns/mdns_1310.140.1.bb index 5c6d220200..205dc929be 100644 --- a/meta-networking/recipes-protocols/mdns/mdns_1310.140.1.bb +++ b/meta-networking/recipes-protocols/mdns/mdns_1310.140.1.bb @@ -38,7 +38,7 @@ CVE_PRODUCT = "apple:mdnsresponder" # https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613 # https://security-tracker.debian.org/tracker/CVE-2007-0613 # https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 -CVE_CHECK_WHITELIST += "CVE-2007-0613" +CVE_CHECK_IGNORE += "CVE-2007-0613" PARALLEL_MAKE = "" diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb index 464f622502..1017f16add 100644 --- a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb +++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb @@ -74,4 +74,4 @@ FILES:${PN}-dev += "${libdir}/dovecot/libdovecot*.so" FILES:${PN}-dbg += "${libdir}/dovecot/*/.debug" # CVE-2016-4983 affects only postinstall script on specific distribution -CVE_CHECK_WHITELIST += "CVE-2016-4983" +CVE_CHECK_IGNORE += "CVE-2016-4983" diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index 4a719ae9c8..fe2bd0773c 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb @@ -29,7 +29,7 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" # CVE-2016-9312 is only for windows. -CVE_CHECK_WHITELIST += "CVE-2016-9312" +CVE_CHECK_IGNORE += "CVE-2016-9312" inherit autotools update-rc.d useradd systemd pkgconfig diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb index 2dc3af6bf9..6c4514eb90 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb @@ -17,7 +17,7 @@ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" SRC_URI[sha256sum] = "7500df4734173bce2e95b5039079119dacaff121650b2b6ca76d2dc68bdac1c5" # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. -CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569" +CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569" SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb b/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb index 06bb971541..bf74f1229f 100644 --- a/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb +++ b/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb @@ -17,7 +17,7 @@ SRCREV = "a9a295fecf3fbd5a4f571f53b01f63202a3e2113" SRC_URI = "git://github.com/google/flatbuffers.git;branch=master;protocol=https" S = "${WORKDIR}/git" -CVE_CHECK_WHITELIST += "CVE-2020-35864" +CVE_CHECK_IGNORE += "CVE-2020-35864" CXXFLAGS += "-fPIC" BUILD_CXXFLAGS += "-fPIC" diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb index c93f7caeb2..8d40e2c939 100644 --- a/meta-oe/recipes-support/nss/nss_3.74.bb +++ b/meta-oe/recipes-support/nss/nss_3.74.bb @@ -281,4 +281,4 @@ RDEPENDS:${PN}-smime = "perl" BBCLASSEXTEND = "native nativesdk" # CVE-2006-5201 affects only Sun Solaris -CVE_CHECK_WHITELIST += "CVE-2006-5201" +CVE_CHECK_IGNORE += "CVE-2006-5201"
Signed-off-by: Khem Raj <raj.khem@gmail.com> --- meta-initramfs/recipes-devtools/dracut/dracut_055.bb | 2 +- meta-networking/recipes-connectivity/samba/samba_4.14.12.bb | 2 +- meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb | 2 +- meta-networking/recipes-protocols/mdns/mdns_1310.140.1.bb | 2 +- meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb | 2 +- meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 2 +- meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb | 2 +- meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb | 2 +- meta-oe/recipes-support/nss/nss_3.74.bb | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-)