@@ -57,19 +57,19 @@ CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981"
# There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html
# qemu maintainers say the patch is incorrect and should not be applied
# Ignore from OE's perspectivee as the issue is of low impact, at worst sitting in an infinite loop rather than exploitable
-CVE_CHECK_IGNORE += "CVE-2021-20255"
+CVE_CHECK_WHITELIST += "CVE-2021-20255"
# qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067
# There was a proposed patch but rejected by upstream qemu. It is unclear if the issue can
# still be reproduced or where exactly any bug is.
# Ignore from OE's perspective as we'll pick up any fix when upstream accepts one.
-CVE_CHECK_IGNORE += "CVE-2019-12067"
+CVE_CHECK_WHITELIST += "CVE-2019-12067"
# nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974
# It is a fuzzing related buffer overflow. It is of low impact since most devices
# wouldn't expose an assembler. The upstream is inactive and there is little to be
# done about the bug, ignore from an OE perspective.
-CVE_CHECK_IGNORE += "CVE-2020-18974"
+CVE_CHECK_WHITELIST += "CVE-2020-18974"