From: Mikko Rapeli <mikko.rapeli@bmw.de>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH RFC CFH][sumo 37/47] flex: set CVE_PRODUCT to include vendor
Date: Wed, 6 Nov 2019 17:37:52 +0200 [thread overview]
Message-ID: <7c267e1400c6cddd22e256a6705233f2e22d49d3.1573047195.git.mikko.rapeli@bmw.de> (raw)
In-Reply-To: <cover.1573047194.git.mikko.rapeli@bmw.de>
In-Reply-To: <cover.1573047194.git.mikko.rapeli@bmw.de>
From: Ross Burton <ross.burton@intel.com>
There are many projects called Flex and they have CVEs, so also set the vendor
to remove these false positives.
(From OE-Core rev: 0598ccdcb31e16f1d1227197591b10ba441fcfe2)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
meta/recipes-devtools/flex/flex_2.6.0.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/flex/flex_2.6.0.bb b/meta/recipes-devtools/flex/flex_2.6.0.bb
index b89b751..954fcf7 100644
--- a/meta/recipes-devtools/flex/flex_2.6.0.bb
+++ b/meta/recipes-devtools/flex/flex_2.6.0.bb
@@ -68,3 +68,6 @@ do_install_ptest() {
-e 's/^builddir = \(.*\)/builddir = ./' -e 's/^top_builddir = \(.*\)/top_builddir = ./' \
-i ${D}${PTEST_PATH}/Makefile
}
+
+# Not Apache Flex, or Adobe Flex, or IBM Flex.
+CVE_PRODUCT = "flex_project:flex"
--
1.9.1
next prev parent reply other threads:[~2019-11-06 15:38 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-06 15:37 [PATCH RFC CFH][sumo 00/47] CVE check backport Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 01/47] cve-update-db: New recipe to update CVE database Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 02/47] cve-check: Remove dependency to cve-check-tool-native Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 03/47] cve-check: Manage CVE_PRODUCT with more than one name Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 04/47] cve-check: Consider CVE that affects versions with less than operator Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 05/47] flac: also add flac to CVE_PRODUCT Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 06/47] cve-update-db: Use std library instead of urllib3 Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 07/47] cve-check: be idiomatic Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 08/47] cve-update-db: Manage proxy if needed Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 09/47] cve-update-db: do_populate_cve_db depends on do_fetch Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 10/47] cve-update-db: Catch request.urlopen errors Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 11/47] cve-check: Depends on cve-update-db-native Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 12/47] cve-check: Update unpatched CVE matching Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 13/47] cve-check: remove redundant readline CVE whitelisting Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 14/47] cve-check-tool: remove Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 15/47] glibc: exclude child recipes from CVE scanning Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 16/47] cve-check.bbclass: initialize to_append Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 17/47] cve-check: allow comparison of Vendor as well as Product Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 18/47] cve-check: Replace CVE_CHECK_CVE_WHITELIST by CVE_CHECK_WHITELIST Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 19/47] cve-update-db-native: use SQL placeholders instead of format strings Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 20/47] cve-update-db: Use NVD CPE data to populate PRODUCTS table Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 21/47] cve-update-db-native: Remove hash column from database Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 22/47] cve-update-db-native: use os.path.join instead of + Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 23/47] cve-update-db: actually inherit native Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 24/47] cve-update-db-native: use executemany() to optimise CPE insertion Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 25/47] cve-update-db-native: improve metadata parsing Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 26/47] cve-update-db-native: clean up JSON fetching Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 27/47] cve-update-db-native: fix https proxy issues Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 28/47] cve-check: ensure all known CVEs are in the report Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 29/47] cve-check: failure to parse versions should be more visible Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 30/47] xserver-xorg: set CVE_PRODUCT Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 31/47] nasm: add CVE_PRODUCT Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 32/47] dropbear: set CVE_PRODUCT Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 33/47] libsdl: " Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 34/47] ghostscript: " Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 35/47] squashfs-tools: " Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 36/47] libxfont2: " Mikko Rapeli
2019-11-06 15:37 ` Mikko Rapeli [this message]
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 38/47] webkitgtk: " Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 39/47] libpam: " Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 40/47] procps: whitelist CVE-2018-1121 Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 41/47] libpng: whitelist CVE-2019-17371 Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 42/47] openssl: set CVE vendor to openssl Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 43/47] rsync: fix CVEs for included zlib Mikko Rapeli
2019-11-06 15:37 ` [PATCH RFC CFH][sumo 44/47] ed: set CVE vendor to avoid false positives Mikko Rapeli
2019-11-06 15:38 ` [PATCH RFC CFH][sumo 45/47] boost: set CVE vendor to Boost Mikko Rapeli
2019-11-06 15:38 ` [PATCH RFC CFH][sumo 46/47] subversion: set CVE vendor to Apache Mikko Rapeli
2019-11-06 15:38 ` [PATCH RFC CFH][sumo 47/47] git: set CVE vendor to git-scm Mikko Rapeli
2019-11-06 17:32 ` ✗ patchtest: failure for CVE check backport Patchwork
2019-11-06 21:46 ` [PATCH RFC CFH][sumo 00/47] " akuster808
2019-11-07 9:14 ` Mikko.Rapeli
2019-11-07 15:03 ` Richard Purdie
2019-11-07 15:55 ` akuster808
2019-11-07 16:32 ` Richard Purdie
2019-11-11 10:42 ` Adrian Bunk
2019-11-11 13:12 ` Richard Purdie
2019-11-11 14:14 ` Adrian Bunk
2019-11-11 15:54 ` Khem Raj
2019-11-11 16:13 ` Adrian Bunk
2019-11-07 11:13 ` Adrian Bunk
2019-11-07 12:13 ` Mikko.Rapeli
2019-11-07 14:47 ` Adrian Bunk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7c267e1400c6cddd22e256a6705233f2e22d49d3.1573047195.git.mikko.rapeli@bmw.de \
--to=mikko.rapeli@bmw.de \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.