apache2: add vendor to product name used for CVE checking

This recipe sets the product name used for CVE checking to "http_server". However, the cve-check logic matches that name to all products in the CVE database regardless of vendor. Currently, it is matching to products from vendors other than apache. As a result, CVE checking incorrectly reports CVEs for those vendors' products for this package. Signed-off-by: Jeffrey Pautler <jeffrey.pautler@ni.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 51f70eaaa5973e385645f574093ee860f5648f88) Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Jeffrey Pautler <jeffrey.pautler@ni.com> 2023-11-10 10:14:04 -0600
committer: Armin Kuster <akuster808@gmail.com> 2024-01-05 07:52:17 -0500
commit: 60cb9119251ac47771161939aa726c4dbaf57666 (patch)
tree: e28fa869a1a3c36345ce31ad1fda9a540f0c1bcb
parent: f27be5ba3f2c49ec6fa493b866c46bd73d9630f6 (diff)
download: meta-openembedded-60cb9119251ac47771161939aa726c4dbaf57666.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb
index 00f8aaa415..bbc1c6c48a 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb
@@ -36,7 +36,7 @@ inherit autotools update-rc.d pkgconfig systemd update-alternatives
 
 DEPENDS = "openssl expat pcre apr apr-util apache2-native "
 
-CVE_PRODUCT = "http_server"
+CVE_PRODUCT = "apache:http_server"
 
 SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice"
author	Jeffrey Pautler <jeffrey.pautler@ni.com>	2023-11-10 10:14:04 -0600
committer	Armin Kuster <akuster808@gmail.com>	2024-01-05 07:52:17 -0500
commit	60cb9119251ac47771161939aa726c4dbaf57666 (patch)
tree	e28fa869a1a3c36345ce31ad1fda9a540f0c1bcb
parent	f27be5ba3f2c49ec6fa493b866c46bd73d9630f6 (diff)
download	meta-openembedded-60cb9119251ac47771161939aa726c4dbaf57666.tar.gz