meta: Remove some not needed CVE_STATUS

Message ID	20240223213101.35576-1-simone.p.weiss@posteo.com
State	Accepted, archived
Commit	5ec6057cfa66ceeb33bec013e320f8e3fa7d7ecf
Headers	show Return-Path: <simone.p.weiss@posteo.com> ip: 185.67.36.66, mailfrom: simone.p.weiss@posteo.com) From: simone.p.weiss@posteo.com To: openembedded-core@lists.openembedded.org Cc: =?utf-8?q?Simone_Wei=C3=9F?= <simone.p.weiss@posteo.com> Subject: [PATCH] meta: Remove some not needed CVE_STATUS Date: Fri, 23 Feb 2024 21:31:01 +0000 Message-Id: <20240223213101.35576-1-simone.p.weiss@posteo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Series	meta: Remove some not needed CVE_STATUS \| expand meta: Remove some not needed CVE_STATUS

Message ID

20240223213101.35576-1-simone.p.weiss@posteo.com

State

Accepted, archived

Commit

5ec6057cfa66ceeb33bec013e320f8e3fa7d7ecf

Headers

From: simone.p.weiss@posteo.com
To: openembedded-core@lists.openembedded.org
Cc: =?utf-8?q?Simone_Wei=C3=9F?= <simone.p.weiss@posteo.com>
Subject: [PATCH] meta: Remove some not needed CVE_STATUS
Date: Fri, 23 Feb 2024 21:31:01 +0000
Message-Id: <20240223213101.35576-1-simone.p.weiss@posteo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Series

meta: Remove some not needed CVE_STATUS | expand

Commit Message

Simone Weiß Feb. 23, 2024, 9:31 p.m. UTC

From: Simone Weiß <simone.p.weiss@posteo.com>

CVE_STATUS was set for those components, but meanwhile databases are updated
with corrected information, so setting the CVE_STATUS is not needed anymore.

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
---
 meta/recipes-connectivity/openssl/openssl_3.2.1.bb | 2 --
 meta/recipes-devtools/qemu/qemu.inc                | 2 --
 meta/recipes-extended/shadow/shadow_4.14.2.bb      | 1 -
 meta/recipes-multimedia/libpng/libpng_1.6.41.bb    | 2 --
 meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb | 3 ---
 meta/recipes-support/sqlite/sqlite3_3.45.1.bb      | 2 --
 6 files changed, 12 deletions(-)

diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb b/meta/recipes-connectivity/openssl/openssl_3.2.1.bb
index 549fa4cd94..d3bf6248e3 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.2.1.bb
@@ -257,5 +257,3 @@  CVE_PRODUCT = "openssl:openssl"
 
 CVE_VERSION_SUFFIX = "alphabetical"
 
-# Apache in meta-webserver is already recent enough
-CVE_STATUS[CVE-2019-0190] = "not-applicable-config: Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37"
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index d16d5e76c8..a403f7d69f 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -54,8 +54,6 @@  SRC_URI:append:class-native = " \
 
 SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be"
 
-CVE_STATUS[CVE-2017-5957] = "cpe-incorrect: Applies against virglrender < 0.6.0 and not qemu itself"
-
 CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default."
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
diff --git a/meta/recipes-extended/shadow/shadow_4.14.2.bb b/meta/recipes-extended/shadow/shadow_4.14.2.bb
index 4e55446312..e57676c1da 100644
--- a/meta/recipes-extended/shadow/shadow_4.14.2.bb
+++ b/meta/recipes-extended/shadow/shadow_4.14.2.bb
@@ -8,4 +8,3 @@  BBCLASSEXTEND = "native nativesdk"
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=884658
 CVE_STATUS[CVE-2013-4235] = "upstream-wontfix: Severity is low and marked as closed and won't fix."
-CVE_STATUS[CVE-2016-15024] = "cpe-incorrect: This is an issue for a different shadow"
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.41.bb b/meta/recipes-multimedia/libpng/libpng_1.6.41.bb
index 59d3db8efd..8c7529be9b 100644
--- a/meta/recipes-multimedia/libpng/libpng_1.6.41.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.41.bb
@@ -31,5 +31,3 @@  PACKAGES =+ "${PN}-tools"
 FILES:${PN}-tools = "${bindir}/png-fix-itxt ${bindir}/pngfix ${bindir}/pngcp"
 
 BBCLASSEXTEND = "native nativesdk"
-
-CVE_STATUS[CVE-2019-17371] = "cpe-incorrect: A memory leak in gif2png 2.x"
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb
index 1c4f4d6038..5a76201ab5 100644
--- a/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb
+++ b/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb
@@ -29,9 +29,6 @@  SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
            "
 SRC_URI[sha256sum] = "8b0870897ac5ac67ded568dcfadf45969cfa8a6beb0fd60af2a9eadc2a3272aa"
 
-CVE_STATUS[CVE-2018-12433] = "disputed: CVE is disputed and not affecting crypto libraries for any distro."
-CVE_STATUS[CVE-2018-12438] = "disputed: CVE is disputed and not affecting crypto libraries for any distro."
-
 BINCONFIG = "${bindir}/libgcrypt-config"
 
 inherit autotools texinfo binconfig-disabled pkgconfig ptest
diff --git a/meta/recipes-support/sqlite/sqlite3_3.45.1.bb b/meta/recipes-support/sqlite/sqlite3_3.45.1.bb
index 2ca8bc5bc9..50612feb25 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.45.1.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.45.1.bb
@@ -6,5 +6,3 @@  LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0
 SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz"
 SRC_URI[sha256sum] = "cd9c27841b7a5932c9897651e20b86c701dd740556989b01ca596fcfa3d49a0a"
 
-CVE_STATUS[CVE-2023-36191] = "disputed: The error is a bug. It has been fixed upstream. But it is not a vulnerability"
-

meta: Remove some not needed CVE_STATUS

Commit Message

Patch