|
|
@@ -53,21 +53,6 @@ CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
|
|
|
# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
|
|
|
#CVE_CHECK_WHITELIST += "CVE-2000-0803"
|
|
|
|
|
|
-# grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14865
|
|
|
-# Looks like grub-set-bootflag is patched in by Fedora/RHEL:
|
|
|
-# https://src.fedoraproject.org/rpms/grub2/blob/498ea7003b4dd8079fc075fad7e19e0b190d0f97/f/0133-Add-grub-set-bootflag-utility.patch
|
|
|
-# Does not exist in upstream grub2:
|
|
|
-# https://git.savannah.gnu.org/cgit/grub.git/tree/util
|
|
|
-# Reported to the database for update by RP 2021/5/9 Update accepted 2021/5/12
|
|
|
-#CVE_CHECK_WHITELIST += "CVE-2019-14865"
|
|
|
-
|
|
|
-# tar https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4476 *
|
|
|
-# https://bugzilla.redhat.com/show_bug.cgi?id=280961 - issue affects paxutils included in tar
|
|
|
-# http://cvs.savannah.gnu.org/viewvc/paxutils/paxutils/paxlib/names.c?r1=1.2&r2=1.4 was the fix
|
|
|
-# included in tar 1.19 and later
|
|
|
-# CPE update sent, may or may not exclude for us
|
|
|
-#CVE_CHECK_WHITELIST += "CVE-2007-4476"
|
|
|
-
|
|
|
|
|
|
|
|
|
#### Upstream still working on ####
|
Richard Purdie