From 4df7e37fcae6843600d54d92d38919f6d86952f6 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Sun, 1 Dec 2024 19:53:34 +0100
Subject: [PATCH] gnupg: ignore CVE-2022-3515

This is vulnerability of libksba and we use fixed libksba version
(currently 1.6.4).

(From OE-Core rev: 12007a6d19db220e6540948de9818332192ecde1)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/gnupg/gnupg_2.3.7.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-support/gnupg/gnupg_2.3.7.bb b/meta/recipes-support/gnupg/gnupg_2.3.7.bb
index 7a29a5659a..7075a61898 100644
--- a/meta/recipes-support/gnupg/gnupg_2.3.7.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.3.7.bb
@@ -87,3 +87,5 @@ lcl_maybe_fortify:mipsarch = ""
 
 # upstream-wontfix: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993
 CVE_CHECK_IGNORE += "CVE-2022-3219"
+# cpe-incorrect: this is vulnerability of libksba and we use fixed libksba version
+CVE_CHECK_IGNORE += "CVE-2022-3515"