gstreamer: ignore CVE-2021-3497, CVE-2021-3498, and CVE-2021-3522

CPE entries for gst-plugins-* are listed as gstreamer issues
so we need to ignore the false hits for the CVEs we've patched
in plugins recipes

Signed-off-by: Steve Sakoman <steve@sakoman.com>

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb
index 7afe56cd7b368b5d4099fc366a63eaca09a93e87..a516fabdafe57e044c6956f4474bce688ad69267 100644 (file)
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb
@@ -74,4 +74,13 @@ FILES_${PN}-dbg += "${datadir}/gdb ${datadir}/gstreamer-1.0/gdb"
 
 CVE_PRODUCT = "gstreamer"
 
+# CPE entries for gst-plugins-base are listed as gstreamer issues
+# so we need to ignore the false hits
+CVE_CHECK_WHITELIST += "CVE-2021-3522"
+
+# CPE entries for gst-plugins-good are listed as gstreamer issues
+# so we need to ignore the false hits
+CVE_CHECK_WHITELIST += "CVE-2021-3497"
+CVE_CHECK_WHITELIST += "CVE-2021-3498"
+
 require gstreamer1.0-ptest.inc