@@ -257,5 +257,3 @@ CVE_PRODUCT = "openssl:openssl"
CVE_VERSION_SUFFIX = "alphabetical"
-# Apache in meta-webserver is already recent enough
-CVE_STATUS[CVE-2019-0190] = "not-applicable-config: Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37"
@@ -54,8 +54,6 @@ SRC_URI:append:class-native = " \
SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be"
-CVE_STATUS[CVE-2017-5957] = "cpe-incorrect: Applies against virglrender < 0.6.0 and not qemu itself"
-
CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default."
# https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
@@ -8,4 +8,3 @@ BBCLASSEXTEND = "native nativesdk"
# https://bugzilla.redhat.com/show_bug.cgi?id=884658
CVE_STATUS[CVE-2013-4235] = "upstream-wontfix: Severity is low and marked as closed and won't fix."
-CVE_STATUS[CVE-2016-15024] = "cpe-incorrect: This is an issue for a different shadow"
@@ -31,5 +31,3 @@ PACKAGES =+ "${PN}-tools"
FILES:${PN}-tools = "${bindir}/png-fix-itxt ${bindir}/pngfix ${bindir}/pngcp"
BBCLASSEXTEND = "native nativesdk"
-
-CVE_STATUS[CVE-2019-17371] = "cpe-incorrect: A memory leak in gif2png 2.x"
@@ -29,9 +29,6 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
"
SRC_URI[sha256sum] = "8b0870897ac5ac67ded568dcfadf45969cfa8a6beb0fd60af2a9eadc2a3272aa"
-CVE_STATUS[CVE-2018-12433] = "disputed: CVE is disputed and not affecting crypto libraries for any distro."
-CVE_STATUS[CVE-2018-12438] = "disputed: CVE is disputed and not affecting crypto libraries for any distro."
-
BINCONFIG = "${bindir}/libgcrypt-config"
inherit autotools texinfo binconfig-disabled pkgconfig ptest
@@ -6,5 +6,3 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0
SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz"
SRC_URI[sha256sum] = "cd9c27841b7a5932c9897651e20b86c701dd740556989b01ca596fcfa3d49a0a"
-CVE_STATUS[CVE-2023-36191] = "disputed: The error is a bug. It has been fixed upstream. But it is not a vulnerability"
-