From: Peter Marko <peter.ma...@siemens.com>
CVE reports now show 3 CVEs for this component.
They are for "The Puzzles theme for WordPress" with cpe like
"cpe:2.3:a:themerex:puzzles:*:*:*:*:*:wordpress:*:*".
Setting vendor solves these false positives.
Vendor is set per git path "git://git.tartarus.org/simon/puzzles.git".
This may be wrong value, but since we don't support negative regex, this
is the best we can do now if we don't want to start marking all with
cpe-incorrect status one by one.
Signed-off-by: Peter Marko <peter.ma...@siemens.com>
---
meta/recipes-sato/puzzles/puzzles_git.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-sato/puzzles/puzzles_git.bb
b/meta/recipes-sato/puzzles/puzzles_git.bb
index 677a9e291e0..df2491ec850 100644
--- a/meta/recipes-sato/puzzles/puzzles_git.bb
+++ b/meta/recipes-sato/puzzles/puzzles_git.bb
@@ -20,6 +20,8 @@ inherit cmake features_check pkgconfig
DEPENDS += "gtk+3"
+CVE_PRODUCT = "simon:puzzles"
+
do_install:append () {
# net conflicts with Samba, so rename it
mv ${D}${bindir}/net ${D}${bindir}/puzzles-net
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#212092):
https://lists.openembedded.org/g/openembedded-core/message/212092
Mute This Topic: https://lists.openembedded.org/mt/111449818/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
