[dunfell,04/14] cve_check: Fix cpe_id generation

Message ID	8fad45ce31ba8369a5dc8d772f0196bf984d0425.1692931546.git.steve@sakoman.com
State	Accepted, archived
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.210.173, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 04/14] cve_check: Fix cpe_id generation Date: Thu, 24 Aug 2023 16:47:28 -1000 Message-Id: <8fad45ce31ba8369a5dc8d772f0196bf984d0425.1692931546.git.steve@sakoman.com> In-Reply-To: <cover.1692931546.git.steve@sakoman.com> References: <cover.1692931546.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[dunfell,01/14] curl: Backport fix CVE-2023-32001 \| expand [dunfell,01/14] curl: Backport fix CVE-2023-32001 [dunfell,02/14] elfutils: Backport fix for CVE-2021-33294 [dunfell,03/14] tiff: CVE-2022-3599.patch also fix CVE-2022-4645 CVE-2023-30774 [dunfell,04/14] cve_check: Fix cpe_id generation [dunfell,05/14] libnss-nis: upgrade 3.1 -> 3.2 [dunfell,06/14] linux-firmware: upgrade 20230515 -> 20230625 [dunfell,07/14] linux-firmware: package firmare for Dragonboard 410c [dunfell,08/14] linux-firmware : Add firmware of RTL8822 serie [dunfell,09/14] linux-firmware: split platform-specific Adreno shaders to separate packages [dunfell,10/14] yocto-uninative: Update hashes for uninative 4.1 [dunfell,11/14] yocto-uninative: Update to 4.2 for glibc 2.38 [dunfell,12/14] recipetool: Fix inherit in created -native* recipes [dunfell,13/14] oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case [dunfell,14/14] grub2.inc: remove '-O2' from CFLAGS

Message ID

8fad45ce31ba8369a5dc8d772f0196bf984d0425.1692931546.git.steve@sakoman.com

State

Accepted, archived

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 04/14] cve_check: Fix cpe_id generation
Date: Thu, 24 Aug 2023 16:47:28 -1000
Message-Id: 
 <8fad45ce31ba8369a5dc8d772f0196bf984d0425.1692931546.git.steve@sakoman.com>
In-Reply-To: <cover.1692931546.git.steve@sakoman.com>
References: <cover.1692931546.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[dunfell,01/14] curl: Backport fix CVE-2023-32001 | expand

Commit Message

Steve Sakoman Aug. 25, 2023, 2:47 a.m. UTC

From: Jasper Orschulko <jasper@fancydomain.eu>

Use "*" (wildcard) instead of "a" (application)in cpe_id generation,
as the product is not necessarily of type application, e.g.
linux_kernel, which is of type "o" (operating system).

(From OE-Core rev: cae9528b002c06143bf048b991b9d7e93968cb6b)

Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oe/cve_check.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index c508865738..aada53bf38 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -168,7 +168,7 @@  def get_cpe_ids(cve_product, version):
         else:
             vendor = "*"
 
-        cpe_id = 'cpe:2.3:a:{}:{}:{}:*:*:*:*:*:*:*'.format(vendor, product, version)
+        cpe_id = 'cpe:2.3:*:{}:{}:{}:*:*:*:*:*:*:*'.format(vendor, product, version)
         cpe_ids.append(cpe_id)
 
     return cpe_ids

[dunfell,04/14] cve_check: Fix cpe_id generation

Commit Message

Patch