[oe] [scarthgap][meta-gnome][PATCH 3/3] gnome-keyring: set CVE_PRODUCT

[Anuj Mittal via lists.openembedded.org]

From: Gyorgy Sarvari <skandigr...@gmail.com>

The underscores and hyphens in the product name are used randomly in the CVE
database:

sqlite> select * from PRODUCTs where vendor = 'gnome' and product like '%keyr%';
CVE-2012-3466|gnome|gnome-keyring|3.4.0|=||
CVE-2012-3466|gnome|gnome-keyring|3.4.1|=||
CVE-2012-6111|gnome|gnome_keyring|3.2|=||
CVE-2012-6111|gnome|gnome_keyring|3.4|=||
CVE-2018-19358|gnome|gnome-keyring|||3.28.2|<=
CVE-2018-20781|gnome|gnome_keyring|||3.27.2|<

Set CVE_PRODUCT so that both versions are matched.

Signed-off-by: Gyorgy Sarvari <skandigr...@gmail.com>
Signed-off-by: Khem Raj <raj.k...@gmail.com>
(cherry picked from commit 4fdeb484c27282c85f7606bfce5e4158a860affa)
Signed-off-by: Anuj Mittal <anuj.mit...@oss.qualcomm.com>
---
 meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_46.1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_46.1.bb 
b/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_46.1.bb
index 8df3710e6a..41f1f164ed 100644
--- a/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_46.1.bb
+++ b/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_46.1.bb
@@ -9,6 +9,8 @@ LIC_FILES_CHKSUM = " \
     file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c \
 "
 
+CVE_PRODUCT = "gnome-keyring gnome_keyring"
+
 DEPENDS = " \
     glib-2.0-native \
     gtk+3 \
-- 
2.52.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123857): 
https://lists.openembedded.org/g/openembedded-devel/message/123857
Mute This Topic: https://lists.openembedded.org/mt/117464360/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-