From b9c0cacc11ce8e6252b89614beb8d45e56591052 Mon Sep 17 00:00:00 2001
From: Yoann Congal <yoann.congal@smile.fr>
Date: Tue, 14 Nov 2023 11:23:50 +0100
Subject: [PATCH] emlog: ignore inapplicable CVEs

The CVEs:
 * CVE-2019-16868
 * CVE-2019-17073
 * CVE-2021-44584
 * CVE-2022-1526
 * CVE-2022-3968
 * CVE-2023-43291
... apply to the other "emlog" and can be safely ignored.

Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-oe/recipes-core/emlog/emlog_git.bb | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb
index 387dd67123..a503ab82b8 100644
--- a/meta-oe/recipes-core/emlog/emlog_git.bb
+++ b/meta-oe/recipes-core/emlog/emlog_git.bb
@@ -24,3 +24,16 @@ do_install() {
 }
 
 RRECOMMENDS_${PN} += "kernel-module-emlog"
+
+# The NVD database doesn't have a CPE for this product,
+# the name of this product is exactly the same as github.com/emlog/emlog
+# but it's not related in any way. The following CVEs are from that project
+# so they can be safely ignored
+CVE_CHECK_WHITELIST += "\
+    CVE-2019-16868 \
+    CVE-2019-17073 \
+    CVE-2021-44584 \
+    CVE-2022-1526 \
+    CVE-2022-3968 \
+    CVE-2023-43291 \
+"