From 408aeb7aae7e39efc7fc99f29e1c7366d3c1890d Mon Sep 17 00:00:00 2001
From: Peter Marko
Date: Thu, 10 Apr 2025 19:28:34 +0200
Subject: [PATCH] systemd: ignore CVEs which reappeared after upgrade to 250.14

Upgrade from 250.5 to 250.14 removed patches for these CVEs because they were interated in the new version. However NVD DB does not contain information about these backports to v250 branch, so they need to be ignored.

(From OE-Core rev: b86129da823c55a3e08ee72c99675301948949f8)

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 meta/recipes-core/systemd/systemd.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc
index 86ae4793c3..70ba1d1f77 100644
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -19,3 +19,6 @@ SRCBRANCH = "v250-stable"
 SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}"
 
 S = "${WORKDIR}/git"
+
+# cpe-stable-backport: patches were backported to v250 stable branch
+CVE_CHECK_IGNORE += "CVE-2022-3821 CVE-2022-4415 CVE-2022-45873"
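Review bot: The three `CVE_CHECK_IGNORE` entries added at the end of systemd.inc suppress the scanner findings unconditionally, and the comment above them does not record which release or upstream commits carry the fixes, so the suppression cannot be audited from the recipe alone. The commit message says the fixes arrived with 250.14; that belongs in the comment, for example `# cpe-stable-backport: fixed in v250-stable since 250.14 (NVD has no v250 branch data), backports: <upstream-commit-ids>`, with the placeholder replaced by the actual backport commits. Because the ignore is not tied to `SRCREV` or `SRCBRANCH`, it would presumably stay in force if the recipe is later repointed to a tree without these backports, so the list should be re-verified whenever those variables change.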