From 4030d9f98d6b9a894ae73245bf032c5fc796604c Mon Sep 17 00:00:00 2001
From: Ninette Adhikari <ninette@thehoodiefirm.com>
Date: Wed, 3 Jul 2024 10:00:09 -0700
Subject: [PATCH 1/2] php-native: CVE status update for CVE-2022-4900

The current version (8.2.20) is not affected.

Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
---
 meta-oe/recipes-devtools/php/php_8.2.20.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-oe/recipes-devtools/php/php_8.2.20.bb b/meta-oe/recipes-devtools/php/php_8.2.20.bb
index c3c51cd934f..f306b16931e 100644
--- a/meta-oe/recipes-devtools/php/php_8.2.20.bb
+++ b/meta-oe/recipes-devtools/php/php_8.2.20.bb
@@ -43,6 +43,7 @@ CVE_STATUS_PHP = " \
     CVE-2007-3205 \
     CVE-2007-4596 \
 "
+CVE_STATUS[CVE-2022-4900] = "cpe-incorrect: The current version (8.2.20) is not affected."
 
 inherit autotools pkgconfig python3native gettext multilib_header multilib_script systemd
 

From 1e8ce0eb17797497b55e89bbcf517f824e5ba944 Mon Sep 17 00:00:00 2001
From: Ninette Adhikari <ninette@thehoodiefirm.com>
Date: Wed, 3 Jul 2024 10:04:39 -0700
Subject: [PATCH 2/2] add patch files

---
 0000-cover-letter.patch                       | 16 +++++++++++
 ...-CVE-status-update-for-CVE-2022-4900.patch | 27 +++++++++++++++++++
 2 files changed, 43 insertions(+)
 create mode 100644 0000-cover-letter.patch
 create mode 100644 0001-php-native-CVE-status-update-for-CVE-2022-4900.patch

diff --git a/0000-cover-letter.patch b/0000-cover-letter.patch
new file mode 100644
index 00000000000..bfbab6301ca
--- /dev/null
+++ b/0000-cover-letter.patch
@@ -0,0 +1,16 @@
+From 4030d9f98d6b9a894ae73245bf032c5fc796604c Mon Sep 17 00:00:00 2001
+From: Ninette Adhikari <ninette@thehoodiefirm.com>
+Date: Wed, 3 Jul 2024 10:01:15 -0700
+Subject: [PATCH 0/1] php-native: CVE status update for CVE-2022-4900
+
+The current version (8.2.20) is not affected.
+
+Ninette Adhikari (1):
+  php-native: CVE status update for CVE-2022-4900
+
+ meta-oe/recipes-devtools/php/php_8.2.20.bb | 1 +
+ 1 file changed, 1 insertion(+)
+
+--
+2.44.0
+
diff --git a/0001-php-native-CVE-status-update-for-CVE-2022-4900.patch b/0001-php-native-CVE-status-update-for-CVE-2022-4900.patch
new file mode 100644
index 00000000000..e2e49099ff2
--- /dev/null
+++ b/0001-php-native-CVE-status-update-for-CVE-2022-4900.patch
@@ -0,0 +1,27 @@
+From 4030d9f98d6b9a894ae73245bf032c5fc796604c Mon Sep 17 00:00:00 2001
+From: Ninette Adhikari <ninette@thehoodiefirm.com>
+Date: Wed, 3 Jul 2024 10:00:09 -0700
+Subject: [PATCH 1/1] php-native: CVE status update for CVE-2022-4900
+
+The current version (8.2.20) is not affected.
+
+Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
+---
+ meta-oe/recipes-devtools/php/php_8.2.20.bb | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/meta-oe/recipes-devtools/php/php_8.2.20.bb b/meta-oe/recipes-devtools/php/php_8.2.20.bb
+index c3c51cd93..f306b1693 100644
+--- a/meta-oe/recipes-devtools/php/php_8.2.20.bb
++++ b/meta-oe/recipes-devtools/php/php_8.2.20.bb
+@@ -43,6 +43,7 @@ CVE_STATUS_PHP = " \
+     CVE-2007-3205 \
+     CVE-2007-4596 \
+ "
++CVE_STATUS[CVE-2022-4900] = "cpe-incorrect: The current version (8.2.20) is not affected."
+ 
+ inherit autotools pkgconfig python3native gettext multilib_header multilib_script systemd
+ 
+-- 
+2.44.0
+