diff mbox series

[2/2] cve-extra-exclusions: remove BlueZ issues

Message ID 20230904160335.376303-2-ross.burton@arm.com
State Accepted, archived
Commit 7f354aed364b17259a642cc97e30a0a2b8218134
Headers show
Series [1/2] cve-extra-exclusions: remove historic kernel CVEs which are handled now | expand

Commit Message

Ross Burton Sept. 4, 2023, 4:03 p.m. UTC 
From: Ross Burton <ross.burton@arm.com>

These BlueZ issues were mislabelled as Linux issues, but now that the
CPE data is accurate this ignore can be removed.

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 meta/conf/distro/include/cve-extra-exclusions.inc | 5 -----
 1 file changed, 5 deletions(-)
diff mbox series

Patch

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index 84217e4acde..51926f342a1 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -74,11 +74,6 @@  CVE_STATUS_KERNEL_HISTORIC = "CVE-1999-0524 CVE-1999-0656 CVE-2006-2932 CVE-2007
 CVE_STATUS_KERNEL_HISTORIC[status] = "ignored"
 
 
-# https://nvd.nist.gov/vuln/detail/CVE-2022-3563
-# https://nvd.nist.gov/vuln/detail/CVE-2022-3637
-CVE_STATUS[CVE-2022-3563] = "cpe-incorrect: This issue do not affect the kernel, patchs listed on CVE pages links to https://git.kernel.org/pub/scm/bluetooth/bluez.git"
-CVE_STATUS[CVE-2022-3637] = "cpe-incorrect: This issue do not affect the kernel, patchs listed on CVE pages links to https://git.kernel.org/pub/scm/bluetooth/bluez.git"
-
 # qemu:qemu-native:qemu-system-native https://nvd.nist.gov/vuln/detail/CVE-2021-20255
 CVE_STATUS[CVE-2021-20255] = "upstream-wontfix: \
 There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html \