diff options
| author | Shinji Matsunaga <shin.matsunaga@fujitsu.com> | 2024-09-24 15:38:32 +0900 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2024-09-24 23:26:23 -0700 |
| commit | e87e51da49fe121be8f6dd4cec3263a345f2f876 (patch) | |
| tree | 5cc2b8f39858878139b7ed943cd17f130c8e5786 /meta-oe/recipes-security | |
| parent | 4102c9d4c021182820d19f8870a46c5ef003f1da (diff) | |
| download | meta-openembedded-e87e51da49fe121be8f6dd4cec3263a345f2f876.tar.gz | |
audit: Fix CVE_PRODUCT
Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".
Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft",
which are unrelated to the "audit" in this recipe.
https://www.opencve.io/cve?vendor=visionsoft&product=audit
In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux".
Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit".
Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe/recipes-security')
| -rw-r--r-- | meta-oe/recipes-security/audit/audit_4.0.2.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-oe/recipes-security/audit/audit_4.0.2.bb b/meta-oe/recipes-security/audit/audit_4.0.2.bb index d6742c9eb..6bb8a2c70 100644 --- a/meta-oe/recipes-security/audit/audit_4.0.2.bb +++ b/meta-oe/recipes-security/audit/audit_4.0.2.bb | |||
| @@ -99,3 +99,5 @@ do_install:append() { | |||
| 99 | # Create /var/spool/audit directory for audisp-remote | 99 | # Create /var/spool/audit directory for audisp-remote |
| 100 | install -d -m 0700 ${D}${localstatedir}/spool/audit | 100 | install -d -m 0700 ${D}${localstatedir}/spool/audit |
| 101 | } | 101 | } |
| 102 | |||
| 103 | CVE_PRODUCT = "linux:audit" | ||