Hello, I am not aware of any CVE in the linux_audit project since 2018. There are fixes that are well worth a CVE in my opinion (even from this year). My suggestion is more to be future-proof. The name is generic and there will be a project with a similar name getting a CVE one day.
Kind regards, Marta On Thu, Jul 18, 2024 at 6:38 AM Shinji Matsunaga (Fujitsu) < [email protected]> wrote: > Hello, > > Are not there any vulnerabilities where the vendor is other than > linux_audit_project? > > > > Kind regards, > > Shinji > > *From:* Marta Rybczynska <[email protected]> > *Sent:* Wednesday, July 17, 2024 8:57 PM > *To:* Matsunaga, Shinji/松永 慎司 <[email protected]> > *Cc:* [email protected]; [email protected]; > Tokumoto, Shunsuke/徳本 俊介 <[email protected]> > *Subject:* Re: [oe] [PATCH 2/2] audit: Add linux_audit to CVE_PRODUCT > > > > > > > > On Wed, Jul 17, 2024 at 8:39 AM Matsunaga-Shinji via > lists.openembedded.org <[email protected]> > wrote: > > linux_audit is also a valid CVE_PRODUCT for audit, > e.g., https://nvd.nist.gov/vuln/detail/CVE-2015-5186. > > Signed-off-by: Shinji Matsunaga <[email protected]> > Signed-off-by: Shunsuke Tokumoto <[email protected]> > --- > meta-oe/recipes-security/audit/audit_4.0.1.bb | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta-oe/recipes-security/audit/audit_4.0.1.bb > b/meta-oe/recipes-security/audit/audit_4.0.1.bb > index bd8f8cc31..0b5857cbf 100644 > --- a/meta-oe/recipes-security/audit/audit_4.0.1.bb > +++ b/meta-oe/recipes-security/audit/audit_4.0.1.bb > @@ -102,4 +102,4 @@ do_install:append() { > install -d -m 0700 ${D}${localstatedir}/spool/audit > } > > -CVE_PRODUCT = "linux:audit" > +CVE_PRODUCT = "linux:audit linux_audit" > > > > Hello, > > I think it will be better to put linux_audit_project:linux_audit > > > > What do you think? > > > > Kind regards, > > Marta >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#111391): https://lists.openembedded.org/g/openembedded-devel/message/111391 Mute This Topic: https://lists.openembedded.org/mt/107266993/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
