From: Steve Sakoman <steve@sakoman.com>
Date: Wed, 14 Jul 2021 22:09:06 +0000 (-1000)
Subject: gstreamer-plugins-base: ignore CVE-2021-3522 since it is fixed
X-Git-Tag: 2020-04.10~8
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=f32e90a7f8918aacda61ef6176eb1655742045b4;p=openembedded-core.git

gstreamer-plugins-base: ignore CVE-2021-3522 since it is fixed

CPE entries for gst-plugins-base are listed as gstreamer issues
so we need to ignore the false hit for the CVE we've patched

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.3.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.3.bb
index bcfdef3bbd..431468d459 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.3.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.3.bb
@@ -20,6 +20,10 @@ SRC_URI = " \
 SRC_URI[md5sum] = "e3ddb1bae9fb510b49a295f212f1e6e4"
 SRC_URI[sha256sum] = "9f02678b0bbbcc9eff107d3bd89d83ce92fec2154cd607c7c8bd34dc7fee491c"
 
+# CPE entries for gst-plugins-base are listed as gstreamer issues
+# so we need to ignore the false hit
+CVE_CHECK_WHITELIST += "CVE-2021-3522"
+
 S = "${WORKDIR}/gst-plugins-base-${PV}"
 
 DEPENDS += "iso-codes util-linux zlib"