On Tue, Sep 14, 2021 at 8:04 AM Steve Sakoman via lists.openembedded.org <[email protected]> wrote: > > The CVE database correctly reports CVEs for oracle_berkley_db and > berkley_db. We use the oracle_berkley_db source tree and therefore > should only check for oracle_berkely_db CVEs. Otherwise the scanner > falsely reports CVEs that are fixed in oracle_berkley_db
Please hold off on taking this patch -- I need to do some more research. I may have confused myself :-( Steve > This reverts commit ad799b109716ccd2f44dcf7a6a4cfcbd622ea661. > > Signed-off-by: Steve Sakoman <[email protected]> > --- > meta/recipes-support/db/db_5.3.28.bb | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-support/db/db_5.3.28.bb > b/meta/recipes-support/db/db_5.3.28.bb > index d5b788a3d7..5e9305ab06 100644 > --- a/meta/recipes-support/db/db_5.3.28.bb > +++ b/meta/recipes-support/db/db_5.3.28.bb > @@ -15,7 +15,7 @@ HOMEPAGE = > "https://www.oracle.com/database/technologies/related/berkeleydb.html > LICENSE = "Sleepycat" > RCONFLICTS:${PN} = "db3" > > -CVE_PRODUCT = "oracle_berkeley_db berkeley_db" > +CVE_PRODUCT = "oracle_berkeley_db" > CVE_VERSION = "11.2.${PV}" > > PR = "r1" > -- > 2.25.1 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#156020): https://lists.openembedded.org/g/openembedded-core/message/156020 Mute This Topic: https://lists.openembedded.org/mt/85608645/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
