diff options
| author | Jeffrey Pautler <jeffrey.pautler@ni.com> | 2023-11-10 10:14:04 -0600 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2024-01-12 07:14:16 -0500 |
| commit | f026a9c41bfbaa71c6111e221716fb683f552ba7 (patch) | |
| tree | 538ac520dd5d5903dfd50666cb20328ccf7bbed8 | |
| parent | 9843839b2374e02fa9e7c998fd8d642b1c0626f9 (diff) | |
| download | meta-openembedded-f026a9c41bfbaa71c6111e221716fb683f552ba7.tar.gz | |
apache2: add vendor to product name used for CVE checking
This recipe sets the product name used for CVE checking to
"http_server". However, the cve-check logic matches that name to all
products in the CVE database regardless of vendor. Currently, it is
matching to products from vendors other than apache. As a result,
CVE checking incorrectly reports CVEs for those vendors' products for
this package.
Signed-off-by: Jeffrey Pautler <jeffrey.pautler@ni.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 51f70eaaa5973e385645f574093ee860f5648f88)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb index 9ffdf3265..3fbc975fc 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb | |||
| @@ -36,7 +36,7 @@ inherit autotools update-rc.d pkgconfig systemd update-alternatives | |||
| 36 | 36 | ||
| 37 | DEPENDS = "openssl expat pcre apr apr-util apache2-native " | 37 | DEPENDS = "openssl expat pcre apr apr-util apache2-native " |
| 38 | 38 | ||
| 39 | CVE_PRODUCT = "http_server" | 39 | CVE_PRODUCT = "apache:http_server" |
| 40 | 40 | ||
| 41 | SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" | 41 | SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" |
| 42 | 42 | ||