From 752654120927f635c52b53229a0dbf6d04856e44 Mon Sep 17 00:00:00 2001 From: Andre Carvalho Date: Thu, 2 Jul 2020 10:12:27 -0700 Subject: netcat: Set CVE_PRODUCT This way yocto cve-check can find open CVE's. See also: http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html "Results from cve-check are not very good at the moment. One of the reasons for this is that component names used in CVE database differ from yocto recipe names. This series fixes several of those name mapping problems by setting the CVE_PRODUCT correctly in the recipes. To check this mapping with after a build, I'm exporting LICENSE and CVE_PRODUCT variables to buildhistory for recipes and packages." Value added is based on: https://nvd.nist.gov/products/cpe/search/results?keyword=netcat&status=FINAL&orderBy=CPEURI&namingFormat=2.3 Signed-off-by: Andre Carvalho Signed-off-by: Khem Raj --- meta-networking/recipes-support/netcat/netcat_0.7.1.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb index 14d743f820..1e113de519 100644 --- a/meta-networking/recipes-support/netcat/netcat_0.7.1.bb +++ b/meta-networking/recipes-support/netcat/netcat_0.7.1.bb @@ -16,6 +16,8 @@ SRC_URI[sha256sum] = "b55af0bbdf5acc02d1eb6ab18da2acd77a400bafd074489003f3df0967 inherit autotools +CVE_PRODUCT = "netcat_project:netcat" + do_install_append() { install -d ${D}${bindir} mv ${D}${bindir}/nc ${D}${bindir}/nc.${BPN} -- cgit 1.2.3-korg