diff mbox series

[dunfell,2/2] qemu: ignore CVE-2021-20295 CVE-2023-2680

Message ID 20231205021552.2248854-2-chee.yang.lee@intel.com
State Accepted, archived
Delegated to: Steve Sakoman
Headers show
Series [dunfell,1/2] epiphany: fix CVE-2022-29536 | expand

Commit Message

Lee, Chee Yang Dec. 5, 2023, 2:15 a.m. UTC 
From: Lee Chee Yang <chee.yang.lee@intel.com>

Ignore RHEL specific CVE-2021-20295 CVE-2023-2680.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 7 +++++++
 1 file changed, 7 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index a24915c35c..9dd90e8789 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -166,6 +166,13 @@  CVE_CHECK_WHITELIST += "CVE-2020-27661"
 # this bug related to windows specific.
 CVE_CHECK_WHITELIST += "CVE-2023-0664"
 
+# As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387
+# RHEL specific issue
+CVE_CHECK_WHITELIST += "CVE-2023-2680"
+
+# Affected only `qemu-kvm` shipped with Red Hat Enterprise Linux 8.3 release.
+CVE_CHECK_WHITELIST += "CVE-2021-20295"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"