From: Het Patel <[email protected]> Set CVE_PRODUCT to "google:google_test" to match the product name defined in the NVD CPE database for Googletest.
Reference CPE: cpe:2.3:a:google:google_test https://nvd.nist.gov/products/cpe/detail/5806549A-1DCE-4225-80C6-7099B53A0F77?namingFormat=2.3 Full list of available CPEs for google_test: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=google_test Currently, no CVEs are reported for Googletest. However, the source code is already mapped to this CPE in NVD. Defining CVE_PRODUCT ensures that future CVEs reported against this CPE will be correctly detected and attributed during CVE checking. Signed-off-by: Het Patel <[email protected]> --- meta-oe/recipes-test/googletest/googletest_1.17.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-test/googletest/googletest_1.17.0.bb b/meta-oe/recipes-test/googletest/googletest_1.17.0.bb index c8ed80053d..242f0ac7da 100644 --- a/meta-oe/recipes-test/googletest/googletest_1.17.0.bb +++ b/meta-oe/recipes-test/googletest/googletest_1.17.0.bb @@ -35,3 +35,6 @@ do_configure:prepend() { # there isn't python in HOSTTOOLS so "env python" fails sed -i 's@^#!/usr/bin/env python$@#!/usr/bin/env python3@g' ${S}/googlemock/test/*py ${S}/googletest/test/*py } + +# Add CVE_PRODUCT to match the NVD CPE product name +CVE_PRODUCT = "google:google_test"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124699): https://lists.openembedded.org/g/openembedded-devel/message/124699 Mute This Topic: https://lists.openembedded.org/mt/118027691/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
