From: Chen Qi <qi.c...@windriver.com>
CVE-2014-8271 has an unusual versioning, svn_16280, which breaks
the version comparison and gives us warning like below:
Failed to compare 202308 < svn_16280 for CVE-2014-8271
The fix has been there since 2014, our current version has included
the fix.
Signed-off-by: Chen Qi <qi.c...@windriver.com>
---
meta/recipes-core/ovmf/ovmf_git.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-core/ovmf/ovmf_git.bb
b/meta/recipes-core/ovmf/ovmf_git.bb
index 5b1353b8e8..f98cec8035 100644
--- a/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/meta/recipes-core/ovmf/ovmf_git.bb
@@ -33,6 +33,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>edk2-stable.*)"
CVE_PRODUCT = "edk2"
CVE_VERSION = "${@d.getVar('PV').split('stable')[1]}"
+CVE_STATUS[CVE-2014-8271] = "fixed-version: Fixed in svn_16280, which is an
unusual versioning breaking version comparison."
+
inherit deploy
PARALLEL_MAKE = ""
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#197988):
https://lists.openembedded.org/g/openembedded-core/message/197988
Mute This Topic: https://lists.openembedded.org/mt/105362147/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
