From: Chen Qi <qi.c...@windriver.com> CVE-2014-8271 has an unusual versioning, svn_16280, which breaks the version comparison and gives us warning like below:
Failed to compare 202308 < svn_16280 for CVE-2014-8271 The fix has been there since 2014, our current version has included the fix. Signed-off-by: Chen Qi <qi.c...@windriver.com> --- meta/recipes-core/ovmf/ovmf_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb index 5b1353b8e8..f98cec8035 100644 --- a/meta/recipes-core/ovmf/ovmf_git.bb +++ b/meta/recipes-core/ovmf/ovmf_git.bb @@ -33,6 +33,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>edk2-stable.*)" CVE_PRODUCT = "edk2" CVE_VERSION = "${@d.getVar('PV').split('stable')[1]}" +CVE_STATUS[CVE-2014-8271] = "fixed-version: Fixed in svn_16280, which is an unusual versioning breaking version comparison." + inherit deploy PARALLEL_MAKE = "" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197988): https://lists.openembedded.org/g/openembedded-core/message/197988 Mute This Topic: https://lists.openembedded.org/mt/105362147/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-