dash: set CVE_PRODUCT

This removes false positive CVE-2024-21485 from cve reports. $ sqlite3 nvdcve_2-2.db sqlite> select * from products where product = 'dash'; CVE-2009-0854|dash|dash|0.5.4|=|| CVE-2024-21485|plotly|dash|||2.13.0|< CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|< Our dash:dash did not reach major version 1 yet. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e1427013e0) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2026-01-12 03:24:08 +00:00 · 2024-12-10 18:42:16 +01:00
parent b4d8bee161
commit d95bc96aec
1 changed files with 2 additions and 0 deletions
--- a/meta-oe/recipes-shells/dash/dash_0.5.12.bb
+++ b/meta-oe/recipes-shells/dash/dash_0.5.12.bb
@@ -10,6 +10,8 @@ inherit autotools update-alternatives
 SRC_URI = "http://gondor.apana.org.au/~herbert/${BPN}/files/${BP}.tar.gz"
 SRC_URI[sha256sum] = "6a474ac46e8b0b32916c4c60df694c82058d3297d8b385b74508030ca4a8f28a"

+CVE_PRODUCT = "dash:dash"
+
 EXTRA_OECONF += "--bindir=${base_bindir}"

 ALTERNATIVE:${PN} = "sh"