From: Shinji Matsunaga <[email protected]> Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".
Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft", which are unrelated to the "audit" in this recipe. https://www.opencve.io/cve?vendor=visionsoft&product=audit In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux". Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit". Signed-off-by: Shinji Matsunaga <[email protected]> Signed-off-by: Khem Raj <[email protected]> Signed-off-by: Armin Kuster <[email protected]> --- meta-oe/recipes-security/audit/audit_4.0.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-security/audit/audit_4.0.2.bb b/meta-oe/recipes-security/audit/audit_4.0.2.bb index d6742c9eb0..6bb8a2c703 100644 --- a/meta-oe/recipes-security/audit/audit_4.0.2.bb +++ b/meta-oe/recipes-security/audit/audit_4.0.2.bb @@ -99,3 +99,5 @@ do_install:append() { # Create /var/spool/audit directory for audisp-remote install -d -m 0700 ${D}${localstatedir}/spool/audit } + +CVE_PRODUCT = "linux:audit" -- 2.43.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#113457): https://lists.openembedded.org/g/openembedded-devel/message/113457 Mute This Topic: https://lists.openembedded.org/mt/109406571/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
