From: Shinji Matsunaga <[email protected]> Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".
Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft", which are unrelated to the "audit" in this recipe. https://www.opencve.io/cve?vendor=visionsoft&product=audit In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux". Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit". Signed-off-by: Shinji Matsunaga <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit e87e51da49fe121be8f6dd4cec3263a345f2f876) Signed-off-by: Ankur Tyagi <[email protected]> --- meta-oe/recipes-security/audit/audit_4.0.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-security/audit/audit_4.0.2.bb b/meta-oe/recipes-security/audit/audit_4.0.2.bb index 0086f8db69..8a080eb709 100644 --- a/meta-oe/recipes-security/audit/audit_4.0.2.bb +++ b/meta-oe/recipes-security/audit/audit_4.0.2.bb @@ -99,3 +99,5 @@ do_install:append() { # Create /var/spool/audit directory for audisp-remote install -d -m 0700 ${D}${localstatedir}/spool/audit } + +CVE_PRODUCT = "linux:audit"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#121618): https://lists.openembedded.org/g/openembedded-devel/message/121618 Mute This Topic: https://lists.openembedded.org/mt/116270442/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
