From: Steve Sakoman <steve@sakoman.com>
Date: Mon, 26 Jul 2021 14:17:52 +0000 (-1000)
Subject: Revert "gstreamer-plugins-good: ignore CVE-2021-3497/8 since they are fixed"
X-Git-Tag: yocto-3.1.11~117
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=8e3d1f6db8b3595f19a4b93d5872537471fe4e43;p=openembedded-core.git

Revert "gstreamer-plugins-good: ignore CVE-2021-3497/8 since they are fixed"

Change is correct but should be in gstreamer recipe not gstreamer-plugins-good

This reverts commit d853e2bde1ea083f8438e8d7a80f041196d2e38d.
---

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb
index e8830103ce..1038cbf224 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.3.bb
@@ -15,11 +15,6 @@ SRC_URI = " \
 SRC_URI[md5sum] = "c79b6c2f8eaadb2bb66615b694db399e"
 SRC_URI[sha256sum] = "d3a23a3fe73de673f591b7655494990c9e8a0e22a3c70d6f1dbf50198b29f85f"
 
-# CPE entries for gst-plugins-good are listed as gstreamer issues
-# so we need to ignore the false hit
-CVE_CHECK_WHITELIST += "CVE-2021-3497"
-CVE_CHECK_WHITELIST += "CVE-2021-3498"
-
 S = "${WORKDIR}/gst-plugins-good-${PV}"
 
 LICENSE = "GPLv2+ & LGPLv2.1+"