> -----Original Message----- > From: [email protected] <openembedded- > [email protected]> On Behalf Of Het Patel via > lists.openembedded.org > Sent: Thursday, February 26, 2026 13:54 > To: [email protected] > Cc: [email protected]; [email protected] > Subject: [OE-core] [PATCH v1] util-linux: Add vendor to CVE_PRODUCT to > exclude false positives > > From: Het Patel <[email protected]> > > - Added the vendor to CVE_PRODUCT to prevent false positives. > > Signed-off-by: Het Patel <[email protected]> > --- > meta/recipes-core/util-linux/util-linux.inc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-core/util-linux/util-linux.inc > b/meta/recipes-core/util- > linux/util-linux.inc > index deb9bfd064..81fefa5afa 100644 > --- a/meta/recipes-core/util-linux/util-linux.inc > +++ b/meta/recipes-core/util-linux/util-linux.inc > @@ -24,4 +24,4 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util- > linux/v${MAJOR_VERSION}/util-lin > > SRC_URI[sha256sum] = > "3330d873f0fceb5560b89a7dc14e4f3288bbd880e96903ed9b50ec2b5799e58b" > > -CVE_PRODUCT = "util-linux" > +CVE_PRODUCT = "kernel:util-linux"
Which false positives are you trying to remove? I think that all of these are correct and there are not false positives: sqlite> select count(*), vendor, product from products where product like '%util-linux%' group by vendor, product; 29|andries_brouwer|util-linux 16|kernel|util-linux 56|linux|util-linux 1|util-linux_project|util-linux
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#232023): https://lists.openembedded.org/g/openembedded-core/message/232023 Mute This Topic: https://lists.openembedded.org/mt/118011172/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
