| Message ID | 20220629151519.1179173-1-ross.burton@arm.com |
|---|---|
| State | Accepted, archived |
| Commit | b40dd920f8b40eabe78db363249257818c63c074 |
| Headers | show |
| Series | [1/2] cups: ignore CVE-2022-26691 | expand |
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc index 8f2ad8a0098..45929807660 100644 --- a/meta/recipes-extended/cups/cups.inc +++ b/meta/recipes-extended/cups/cups.inc @@ -26,6 +26,8 @@ CVE_CHECK_IGNORE += "CVE-2008-1033" CVE_CHECK_IGNORE += "CVE-2009-0032" # This is an Ubuntu only issue. CVE_CHECK_IGNORE += "CVE-2018-6553" +# This is fixed in 2.4.2 but the cve-check class still reports it +CVE_CHECK_IGNORE += "CVE-2022-26691" LEAD_SONAME = "libcupsdriver.so"
This is fixed in 2.4.2, which we have, but the complex CPE in that CVE isn't parsed by cve-check correctly so it thinks that we're vulnerable. Signed-off-by: Ross Burton <ross.burton@arm.com> --- meta/recipes-extended/cups/cups.inc | 2 ++ 1 file changed, 2 insertions(+)