[dunfell,06/11] qemu: ignore CVE-2021-20295 CVE-2023-2680

Message ID	fe85b098c6819072731b05a913fb50b830941db5.1701870718.git.steve@sakoman.com
State	Accepted, archived
Commit	2c0822d9e7b8e7d013ef89c7e82e19fff39228a9
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.180, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 06/11] qemu: ignore CVE-2021-20295 CVE-2023-2680 Date: Wed, 6 Dec 2023 03:55:49 -1000 Message-Id: <fe85b098c6819072731b05a913fb50b830941db5.1701870718.git.steve@sakoman.com> In-Reply-To: <cover.1701870718.git.steve@sakoman.com> References: <cover.1701870718.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[dunfell,01/11] binutils 2.34: Fix CVE-2021-46174 \| expand [dunfell,01/11] binutils 2.34: Fix CVE-2021-46174 [dunfell,02/11] binutils: Mark CVE-2022-47696 as patched [dunfell,03/11] mdadm: Backport fix for CVE-2023-28938 [dunfell,04/11] libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c [dunfell,05/11] epiphany: fix CVE-2022-29536 [dunfell,06/11] qemu: ignore CVE-2021-20295 CVE-2023-2680 [dunfell,07/11] vim: upgrade 9.0.2068 -> 9.0.2130 [dunfell,08/11] linux-yocto/5.4: update to v5.4.258 [dunfell,09/11] linux-yocto/5.4: update to v5.4.260 [dunfell,10/11] linux-yocto/5.4: update to v5.4.262 [dunfell,11/11] cve-exclusion_5.4.inc: update for 5.4.262

Message ID

fe85b098c6819072731b05a913fb50b830941db5.1701870718.git.steve@sakoman.com

State

Accepted, archived

Commit

2c0822d9e7b8e7d013ef89c7e82e19fff39228a9

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 06/11] qemu: ignore CVE-2021-20295 CVE-2023-2680
Date: Wed,  6 Dec 2023 03:55:49 -1000
Message-Id: 
 <fe85b098c6819072731b05a913fb50b830941db5.1701870718.git.steve@sakoman.com>
In-Reply-To: <cover.1701870718.git.steve@sakoman.com>
References: <cover.1701870718.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[dunfell,01/11] binutils 2.34: Fix CVE-2021-46174 | expand

Commit Message

Steve Sakoman Dec. 6, 2023, 1:55 p.m. UTC

From: Lee Chee Yang <chee.yang.lee@intel.com>

Ignore RHEL specific CVE-2021-20295 CVE-2023-2680.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index a24915c35c..9dd90e8789 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -166,6 +166,13 @@  CVE_CHECK_WHITELIST += "CVE-2020-27661"
 # this bug related to windows specific.
 CVE_CHECK_WHITELIST += "CVE-2023-0664"
 
+# As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387
+# RHEL specific issue
+CVE_CHECK_WHITELIST += "CVE-2023-2680"
+
+# Affected only `qemu-kvm` shipped with Red Hat Enterprise Linux 8.3 release.
+CVE_CHECK_WHITELIST += "CVE-2021-20295"
+
 COMPATIBLE_HOST_mipsarchn32 = "null"
 COMPATIBLE_HOST_mipsarchn64 = "null"

[dunfell,06/11] qemu: ignore CVE-2021-20295 CVE-2023-2680

Commit Message

Patch