glibc: remove obsolete CVE ignores

Remove some obsolete CVE ignores now that releases have been made, CPEs updated, or upgrades done: CVE-2020-10029 is marked as fixed in 2.32. CVE-2021-27645 is marked as fixed in 2.34. CVE-2022-39046 is marked as fixed in 2.37. (From OE-Core rev: a383d0e726011007419dd102cd6484733d80d9f6) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-29 18:32:20 +02:00 · 2023-02-27 16:21:29 +00:00
parent fcb643cd99
commit aa0682447f
1 changed files with 0 additions and 5 deletions
--- a/meta/recipes-core/glibc/glibc_2.37.bb
+++ b/meta/recipes-core/glibc/glibc_2.37.bb
@@ -1,8 +1,6 @@
 require glibc.inc
 require glibc-version.inc

-CVE_CHECK_IGNORE += "CVE-2020-10029 CVE-2021-27645"
-
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
@@ -16,9 +14,6 @@ CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
 # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
 CVE_CHECK_IGNORE += "CVE-2019-1010025"

-# This has been integrated into the 2.36 branch as of c399271 so is now fixed
-CVE_CHECK_IGNORE += "CVE-2022-39046"
-
 # This is integrated into the 2.37 branch as of 07b9521fc6
 CVE_CHECK_IGNORE += "CVE-2023-25139"