If XvFB is enabled, the CVE_STATUS for CVE-2023-5574 should be 'unpatched' rather than the empty string. Otherwise SDPX checker complains:
xserver-xorg-2_21.1.13-r0 do_create_spdx: Unknown CVE status Signed-off-by: Dmitry Baryshkov <[email protected]> --- meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc index 22f7d9a8adcb..e2754426cf1e 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc @@ -176,4 +176,4 @@ python populate_packages:prepend() { d.appendVar("RPROVIDES:" + pn, " " + get_abi("video")) } -CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', '', 'not-applicable-config: specific to Xvfb', d)}" +CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', 'unpatched', 'not-applicable-config: specific to Xvfb', d)}" -- 2.39.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#202269): https://lists.openembedded.org/g/openembedded-core/message/202269 Mute This Topic: https://lists.openembedded.org/mt/107439362/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
