Set CVE_PRODUCT to 'tuxera:ntfs-3g' for ntfs-3g-ntfsprogs recipe, cve-check class is setting default CVE_PRODUCT to 'ntfs-3g-ntfsprogs' which ignores the ntfs-3g-ntfsprogs CVEs from NVD Database.
Reference: CVE-2019-9755 Link: https://nvd.nist.gov/vuln/detail/CVE-2019-9755 Signed-off-by: Akash Hadke <[email protected]> Signed-off-by: Akash Hadke <[email protected]> --- .../ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index aa1b4c2e9..c77028785 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb @@ -50,3 +50,5 @@ do_install:append() { # Satisfy the -dev runtime dependency ALLOW_EMPTY:${PN} = "1" + +CVE_PRODUCT = "tuxera:ntfs-3g" -- 2.17.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97515): https://lists.openembedded.org/g/openembedded-devel/message/97515 Mute This Topic: https://lists.openembedded.org/mt/91750850/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
