cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
  version

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb

@@ -15,8 +15,6 @@ RDEPENDS:${PN}-dev += "${PN}-compiler"
 
 S = "${WORKDIR}/git"
 
-CVE_CHECK_IGNORE += "CVE-2020-35864"
-
 EXTRA_OECMAKE += " \
     -DFLATBUFFERS_BUILD_TESTS=OFF \    
     -DFLATBUFFERS_BUILD_SHAREDLIB=ON \

meta-oe/recipes-devtools/php/php_8.2.8.bb

@@ -36,7 +36,9 @@ SRC_URI:append:class-target = " \
 S = "${WORKDIR}/php-${PV}"
 SRC_URI[sha256sum] = "995ed4009c7917c962d31837a1a3658f36d4af4f357b673c97ffdbe6403f8517"
 
-CVE_CHECK_IGNORE += "\
+CVE_STATUS_GROUPS += "CVE_STATUS_PHP"
+CVE_STATUS_PHP[status] = "fixed-version: The name of this product is exactly the same as github.com/emlog/emlog. CVE can be safely ignored."
+CVE_STATUS_PHP = " \
     CVE-2007-2728 \
     CVE-2007-3205 \
     CVE-2007-4596 \

meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb

@@ -22,9 +22,7 @@ SRC_URI[sha256sum] = "53e15a2b5c1bc80161d42e9f69792a3fa18332b7b771910131004eb520
 
 S = "${WORKDIR}/imap-${PV}"
 
-CVE_CHECK_IGNORE += "\
-    CVE-2005-0198 \
-"
+CVE_STATUS[CVE-2005-0198] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
 
 PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}"
 PACKAGECONFIG[pam] = ",,libpam"