From 249f2a493c8dbab64136a6f38e31442176cdf3fe Mon Sep 17 00:00:00 2001
From: Marta Rybczynska <marta.rybczynska@huawei.com>
Date: Tue, 2 Nov 2021 12:32:10 +0100
Subject: [PATCH] networkmanager: update CVEs

Update status of the CVE CVE-2021-20297 affecting NetworkManager, the
vulnerable code has been introduced in 1.26 so we are not affected.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
---
 .../networkmanager/networkmanager_1.22.16.bb                   | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta-oniro-staging/recipes-connectivity/networkmanager/networkmanager_1.22.16.bb b/meta-oniro-staging/recipes-connectivity/networkmanager/networkmanager_1.22.16.bb
index 0d71d031..ff784b8c 100644
--- a/meta-oniro-staging/recipes-connectivity/networkmanager/networkmanager_1.22.16.bb
+++ b/meta-oniro-staging/recipes-connectivity/networkmanager/networkmanager_1.22.16.bb
@@ -153,6 +153,9 @@ ALTERNATIVE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','resolv-co
 ALTERNATIVE_TARGET[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv-conf.NetworkManager','',d)}"
 ALTERNATIVE_LINK_NAME[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv.conf','',d)}"
 
+# Issue introduced in 1.26
+CVE_CHECK_WHITELIST = "CVE-2021-20297 "
+
 do_install_append() {
     install -Dm 0755 ${WORKDIR}/${BPN}.initd ${D}${sysconfdir}/init.d/network-manager
 
-- 
GitLab