mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

audit: Fix CVE_PRODUCT

Browse Source 
Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".

Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft",
which are unrelated to the "audit" in this recipe.
https://www.opencve.io/cve?vendor=visionsoft&product=audit

In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux".
Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit".

Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e87e51da49)

Adapted to Kirkstone.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Shinji Matsunaga
2025-12-15 20:33:39 +01:00
committed by Gyorgy Sarvari
parent ea388c67e4
commit 9b5b7102ca
2 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-security/audit/audit_2.8.5.bb
+2
View File
@@ -107,3 +107,5 @@ do_install:append() {
# Create /var/spool/audit directory for audisp-remote
install -m 0700 -d ${D}${localstatedir}/spool/audit
}
CVE_PRODUCT = "linux:audit"
meta-oe/recipes-security/audit/audit_3.0.8.bb
+2
View File
@@ -113,3 +113,5 @@ do_install:append() {
# Create /var/spool/audit directory for audisp-remote
install -m 0700 -d ${D}${localstatedir}/spool/audit
}
CVE_PRODUCT = "linux:audit"