diff options
| author | Peter Marko <peter.marko@siemens.com> | 2023-09-27 23:05:40 +0200 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-10-05 15:48:49 -1000 |
| commit | 25073f9c0e0ca7ecfe8f38bf620147314c0d3ddc (patch) | |
| tree | bcf52f9e0ec434f79233d48c64c27f731b027954 | |
| parent | 0e4966eb77928a07230e031d6d9c477c01ec9cce (diff) | |
| download | poky-25073f9c0e0ca7ecfe8f38bf620147314c0d3ddc.tar.gz | |
json-c: define CVE_VERSION
Recently NVD updated all CVEs for json-c and old fixed
CVE-2020-12762 is reported by cve_check now.
NVD match clause now includes full tag name including
date which is "greater" than tag without additional numbers.
Fix it by defining CVE_VERSION identical to full tag.
Put it close to hash so recipe update patch includes this line.
(From OE-Core rev: 55e9ff0fe1de70f226557529f73c28f34f6956ed)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-devtools/json-c/json-c_0.15.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/json-c/json-c_0.15.bb b/meta/recipes-devtools/json-c/json-c_0.15.bb index 4da30bc50c..b3679e0135 100644 --- a/meta/recipes-devtools/json-c/json-c_0.15.bb +++ b/meta/recipes-devtools/json-c/json-c_0.15.bb | |||
| @@ -12,6 +12,9 @@ SRC_URI = " \ | |||
| 12 | 12 | ||
| 13 | SRC_URI[sha256sum] = "b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6" | 13 | SRC_URI[sha256sum] = "b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6" |
| 14 | 14 | ||
| 15 | # NVD uses full tag name including date | ||
| 16 | CVE_VERSION = "0.15-20200726" | ||
| 17 | |||
| 15 | UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/tags" | 18 | UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/tags" |
| 16 | UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+)-\d+" | 19 | UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+)-\d+" |
| 17 | 20 | ||