diff mbox series

[meta-networking,dunfell] netcat: Set CVE_PRODUCT

Message ID 20220111111444.22321-1-sanakazisk19@gmail.com
State New
Headers show
Series [meta-networking,dunfell] netcat: Set CVE_PRODUCT | expand

Commit Message

Sana Kazi Jan. 11, 2022, 11:14 a.m. UTC 
From: Andre Carvalho <andrestc@fb.com>

This way yocto cve-check can find open CVE's. See also:

http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html

"Results from cve-check are not very good at the moment.
One of the reasons for this is that component names used in CVE
database differ from yocto recipe names. This series fixes several
of those name mapping problems by setting the CVE_PRODUCT correctly
in the recipes. To check this mapping with after a build, I'm exporting
LICENSE and CVE_PRODUCT variables to buildhistory for recipes and
packages."

Value added is based on:
https://nvd.nist.gov/products/cpe/search/results?keyword=netcat&status=FINAL&orderBy=CPEURI&namingFormat=2.3

Signed-off-by: Andre Carvalho <andrestc@fb.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
---
 meta-networking/recipes-support/netcat/netcat_0.7.1.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
index 14d743f82..1e113de51 100644
--- a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
+++ b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
@@ -16,6 +16,8 @@  SRC_URI[sha256sum] = "b55af0bbdf5acc02d1eb6ab18da2acd77a400bafd074489003f3df0967
 
 inherit autotools
 
+CVE_PRODUCT = "netcat_project:netcat"
+
 do_install_append() {
     install -d ${D}${bindir}
     mv ${D}${bindir}/nc ${D}${bindir}/nc.${BPN}