MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-12-14 22:35:25 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

emlog: ignore unrelated CVEs

Browse Source 
This product is not present in the NVD database but another
one with exactly the same name is in fact present. For that
reason cve-check is outputting CVEs that are unrelated so they
can be ignored.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Davide Gardenal 2022-07-04 11:40:55 +02:00 committed by Khem Raj
parent 19061fea15
commit eaf1ea2e1f
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
meta-oe/recipes-core/emlog/emlog_git.bb
View File

@ -24,3 +24,14 @@ do_install() {
} }
RRECOMMENDS:${PN} += "kernel-module-emlog" RRECOMMENDS:${PN} += "kernel-module-emlog"
# The NVD database doesn't have a CPE for this product,
# the name of this product is exactly the same as github.com/emlog/emlog
# but it's not related in any way. The following CVEs are from that project
# so they can be safely ignored
CVE_CHECK_IGNORE += "\
CVE-2019-16868 \
CVE-2019-17073 \
CVE-2021-44584 \
CVE-2022-1526 \
"