I think this should go to [email protected], otherwise it will get lost most likely. See https://git.yoctoproject.org/meta-selinux/tree/MAINTAINERS
On 2/27/26 06:10, Het Patel via lists.openembedded.org wrote: > From: Het Patel <[email protected]> > > The current `CVE_PRODUCT` value (`kernel:selinux`) is incorrect for > this recipe. > > Root Cause Analysis: > `CVE-2020-10751` is reported against the `kernel:selinux` CPE, and > its fix > (https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ff) > applies to the Linux kernel source tree. This change is unrelated to > the source code used by this recipe. > > Change Justification: > `CVE-2021-36084` is reported against the `selinux_project:selinux` > CPE. Its fix (https://github.com/SELinuxProject/selinux/commit/f34d3d30c832) > directly applies to the SELinux source repository used by this recipe, > confirming the vulnerability is applicable to this product. > > Based on this analysis, `CVE_PRODUCT` has been updated to the > correct value: `selinux_project:selinux` > > Signed-off-by: Het Patel <[email protected]> > --- > recipes-security/selinux/selinux_common.inc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/recipes-security/selinux/selinux_common.inc > b/recipes-security/selinux/selinux_common.inc > index a7f704d..aaf0b90 100644 > --- a/recipes-security/selinux/selinux_common.inc > +++ b/recipes-security/selinux/selinux_common.inc > @@ -20,4 +20,4 @@ do_install() { > SHLIBDIR="${base_libdir}" > } > > -CVE_PRODUCT ?= "kernel:selinux" > +CVE_PRODUCT ?= "selinux_project:selinux" > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124700): https://lists.openembedded.org/g/openembedded-devel/message/124700 Mute This Topic: https://lists.openembedded.org/mt/118026141/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
