diff options
| author | schitrod=cisco.com@lists.yoctoproject.org <schitrod=cisco.com@lists.yoctoproject.org> | 2023-05-15 06:15:22 -0700 |
|---|---|---|
| committer | Joe MacDonald <joe@deserted.net> | 2023-05-31 09:43:14 -0400 |
| commit | bd3902cb9351c37d8e348abcd95c83d267c0a106 (patch) | |
| tree | 9a1f7a1dc4af199a6d1824c2b46dcb0f9db16e2d | |
| parent | 47858343ed2cdc8e39d9e1f916c27db738513dd3 (diff) | |
| download | meta-selinux-bd3902cb9351c37d8e348abcd95c83d267c0a106.tar.gz | |
selinux: Set CVE_PRODUCTmickledore
The CVE product name for selinux-* package is (usually) the selinux
(and not our recipe name), so use selinux as the default.
See also:
http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html
"Results from cve-check are not very good at the moment.
One of the reasons for this is that component names used in CVE
database differ from yocto recipe names. This series fixes several
of those name mapping problems by setting the CVE_PRODUCT correctly
in the recipes. To check this mapping with after a build, I'm exporting
LICENSE and CVE_PRODUCT variables to buildhistory for recipes and
packages."
Value added is based on:
https://nvd.nist.gov/vuln/search/results?results_type=overview&search_type=all&cpe_product=cpe%3A%2F%3Akernel%3Aselinux
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
| -rw-r--r-- | recipes-security/selinux/selinux_common.inc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/recipes-security/selinux/selinux_common.inc b/recipes-security/selinux/selinux_common.inc index 87e9231..145b21a 100644 --- a/recipes-security/selinux/selinux_common.inc +++ b/recipes-security/selinux/selinux_common.inc | |||
| @@ -17,3 +17,5 @@ do_install() { | |||
| 17 | LIBDIR="${libdir}" \ | 17 | LIBDIR="${libdir}" \ |
| 18 | SHLIBDIR="${base_libdir}" | 18 | SHLIBDIR="${base_libdir}" |
| 19 | } | 19 | } |
| 20 | |||
| 21 | CVE_PRODUCT ?= "kernel:selinux" | ||