[mickledore,03/24] qemu: ignore RHEL specific CVE-2023-2680

Message ID	7300254fdb6659c0a7462c64133f893d1a152850.1697816789.git.steve@sakoman.com
State	New
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.178, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 03/24] qemu: ignore RHEL specific CVE-2023-2680 Date: Fri, 20 Oct 2023 05:51:05 -1000 Message-Id: <7300254fdb6659c0a7462c64133f893d1a152850.1697816789.git.steve@sakoman.com> In-Reply-To: <cover.1697816789.git.steve@sakoman.com> References: <cover.1697816789.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[mickledore,01/24] cups: fix CVE-2023-4504 \| expand [mickledore,01/24] cups: fix CVE-2023-4504 [mickledore,02/24] dmidecode: fixup for CVE-2023-30630 [mickledore,03/24] qemu: ignore RHEL specific CVE-2023-2680 [mickledore,04/24] cve-check: add CVSS vector string to CVE database and reports [mickledore,05/24] python3-urllib3: 1.26.15 -> 1.26.17 [mickledore,06/24] libx11: upgrade to 1.8.7 [mickledore,07/24] libxpm: upgrade to 3.5.17 [mickledore,08/24] linux-yocto/6.1: update to v6.1.55 [mickledore,09/24] linux-yocto/6.1: update to v6.1.56 [mickledore,10/24] linux-yocto/6.1: tiny: fix arm 32 boot [mickledore,11/24] linux-yocto/6.1: update to v6.1.57 [mickledore,12/24] cve-exclusion_6.1.inc: update for 6.1.57 [mickledore,13/24] vim: Upgrade 9.0.2009 -> 9.0.2048 [mickledore,14/24] uboot-extlinux-config.bbclass: fix missed override syntax migration [mickledore,15/24] shadow: fix patch Upstream-Status [mickledore,16/24] libevent: fix patch Upstream-Status [mickledore,17/24] fontcache.bbclass: avoid native recipes depending on target fontconfig [mickledore,18/24] insane.bbclass: Count raw bytes in shebang-size [mickledore,19/24] oeqa/selftest: Fix broken symlink removal handling [mickledore,20/24] oeqa/utils/gitarchive: Handle broken commit counts in results repo [mickledore,21/24] wic: bootimg-partition: Fix file name in debug message [mickledore,22/24] oeqa/concurrencytest: Remove invalid buffering option [mickledore,23/24] packages.bbclass: Correct the check for conflicts with renamed packages [mickledore,24/24] busybox: Set PATH in syslog initscript

Message ID

7300254fdb6659c0a7462c64133f893d1a152850.1697816789.git.steve@sakoman.com

State

New

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][mickledore 03/24] qemu: ignore RHEL specific CVE-2023-2680
Date: Fri, 20 Oct 2023 05:51:05 -1000
Message-Id: 
 <7300254fdb6659c0a7462c64133f893d1a152850.1697816789.git.steve@sakoman.com>
In-Reply-To: <cover.1697816789.git.steve@sakoman.com>
References: <cover.1697816789.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[mickledore,01/24] cups: fix CVE-2023-4504 | expand

Commit Message

Steve Sakoman Oct. 20, 2023, 3:51 p.m. UTC

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 00decc57e5..a7f1099dd5 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -67,6 +67,10 @@  CVE_CHECK_IGNORE += "CVE-2018-18438"
 # this bug related to windows specific.
 CVE_CHECK_IGNORE += "CVE-2023-0664"
 
+# As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387
+# RHEL specific issue
+CVE_CHECK_IGNORE += "CVE-2023-2680"
+
 COMPATIBLE_HOST:mipsarchn32 = "null"
 COMPATIBLE_HOST:mipsarchn64 = "null"
 COMPATIBLE_HOST:riscv32 = "null"

[mickledore,03/24] qemu: ignore RHEL specific CVE-2023-2680

Commit Message

Patch