[meta-networking][PATCH] netcat: Set CPE_PRODUCT

[meta-networking][PATCH] netcat: Set CPE_PRODUCT

[andrestc]

This way yocto cve-check can find open CVE's. See also:

http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html

"Results from cve-check are not very good at the moment.
One of the reasons for this is that component names used in CVE
database differ from yocto recipe names. This series fixes several
of those name mapping problems by setting the CVE_PRODUCT correctly
in the recipes. To check this mapping with after a build, I'm exporting
LICENSE and CVE_PRODUCT variables to buildhistory for recipes and
packages."

Value added is based on:
https://nvd.nist.gov/products/cpe/search/results?keyword=netcat&status=FINAL&orderBy=CPEURI&namingFormat=2.3

Signed-off-by: Andre Carvalho <andrestc@fb.com>
---
 meta-networking/recipes-support/netcat/netcat_0.7.1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
index 14d743f82..1e113de51 100644
--- a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
+++ b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
@@ -16,6 +16,8 @@ SRC_URI[sha256sum] = "b55af0bbdf5acc02d1eb6ab18da2acd77a400bafd074489003f3df0967
 
 inherit autotools
 
+CVE_PRODUCT = "netcat_project:netcat"
+
 do_install_append() {
     install -d ${D}${bindir}
     mv ${D}${bindir}/nc ${D}${bindir}/nc.${BPN}
-- 
2.24.1

Re: [oe] [meta-networking][PATCH] netcat: Set CPE_PRODUCT

[Andreas Müller]

On Thu, Jul 2, 2020 at 6:36 PM Andre Carvalho via
lists.openembedded.org <andrestc=fb.com@lists.openembedded.org> wrote:
There is a typo in commit title

Andreas
>
> This way yocto cve-check can find open CVE's. See also:
>
> http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html
>
> "Results from cve-check are not very good at the moment.
> One of the reasons for this is that component names used in CVE
> database differ from yocto recipe names. This series fixes several
> of those name mapping problems by setting the CVE_PRODUCT correctly
> in the recipes. To check this mapping with after a build, I'm exporting
> LICENSE and CVE_PRODUCT variables to buildhistory for recipes and
> packages."
>
> Value added is based on:
> https://nvd.nist.gov/products/cpe/search/results?keyword=netcat&status=FINAL&orderBy=CPEURI&namingFormat=2.3
>
> Signed-off-by: Andre Carvalho <andrestc@fb.com>
> ---
>  meta-networking/recipes-support/netcat/netcat_0.7.1.bb | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
> index 14d743f82..1e113de51 100644
> --- a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
> +++ b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
> @@ -16,6 +16,8 @@ SRC_URI[sha256sum] = "b55af0bbdf5acc02d1eb6ab18da2acd77a400bafd074489003f3df0967
>
>  inherit autotools
>
> +CVE_PRODUCT = "netcat_project:netcat"
> +
>  do_install_append() {
>      install -d ${D}${bindir}
>      mv ${D}${bindir}/nc ${D}${bindir}/nc.${BPN}
> --
> 2.24.1
>
> 

Re: [oe] [meta-networking][PATCH] netcat: Set CPE_PRODUCT

[Khem Raj]

On 7/2/20 9:49 AM, Andreas Müller wrote:
> On Thu, Jul 2, 2020 at 6:36 PM Andre Carvalho via
> lists.openembedded.org <andrestc=fb.com@lists.openembedded.org> wrote:
> There is a typo in commit title

yeah some users have seen this issue especially on patchwork this causes 
trouble too, I have to manually edit it when I apply the patch but such 
is life. I wished the mail systems were sane.

> 
> Andreas
>>
>> This way yocto cve-check can find open CVE's. See also:
>>
>> http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html
>>
>> "Results from cve-check are not very good at the moment.
>> One of the reasons for this is that component names used in CVE
>> database differ from yocto recipe names. This series fixes several
>> of those name mapping problems by setting the CVE_PRODUCT correctly
>> in the recipes. To check this mapping with after a build, I'm exporting
>> LICENSE and CVE_PRODUCT variables to buildhistory for recipes and
>> packages."
>>
>> Value added is based on:
>> https://nvd.nist.gov/products/cpe/search/results?keyword=netcat&status=FINAL&orderBy=CPEURI&namingFormat=2.3
>>
>> Signed-off-by: Andre Carvalho <andrestc@fb.com>
>> ---
>>   meta-networking/recipes-support/netcat/netcat_0.7.1.bb | 2 ++
>>   1 file changed, 2 insertions(+)
>>
>> diff --git a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
>> index 14d743f82..1e113de51 100644
>> --- a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
>> +++ b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb
>> @@ -16,6 +16,8 @@ SRC_URI[sha256sum] = "b55af0bbdf5acc02d1eb6ab18da2acd77a400bafd074489003f3df0967
>>
>>   inherit autotools
>>
>> +CVE_PRODUCT = "netcat_project:netcat"
>> +
>>   do_install_append() {
>>       install -d ${D}${bindir}
>>       mv ${D}${bindir}/nc ${D}${bindir}/nc.${BPN}
>> --
>> 2.24.1
>>
>>
>>
>>