From d9d8cd345f2a4b5ab7996f8a087413c0495d41c5 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Wed, 27 Sep 2023 23:06:32 +0200
Subject: json-c: define CVE_VERSION

Recently NVD updated all CVEs for json-c and old fixed
cves are reported in some older yocto branches.
NVD match clause now includes full tag name including
date which is "greater" than tag without additional numbers.

Define CVE_VERSION identical to full tag also on master to
avoid future CVEs to be reported incorrectly.
Put it close to hash so recipe update patch includes this line.

(From OE-Core rev: 190dec283b7deeb7ff898d1811924db806509e4a)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/json-c/json-c_0.17.bb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'meta/recipes-devtools/json-c')

diff --git a/meta/recipes-devtools/json-c/json-c_0.17.bb b/meta/recipes-devtools/json-c/json-c_0.17.bb
index b7b596212f..f4b7a32cea 100644
--- a/meta/recipes-devtools/json-c/json-c_0.17.bb
+++ b/meta/recipes-devtools/json-c/json-c_0.17.bb
@@ -9,6 +9,9 @@ SRC_URI = "https://s3.amazonaws.com/json-c_releases/releases/${BP}.tar.gz \
            "
 SRC_URI[sha256sum] = "7550914d58fb63b2c3546f3ccfbe11f1c094147bd31a69dcd23714d7956159e6"
 
+# NVD uses full tag name including date
+CVE_VERSION = "0.17-20230812"
+
 UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/tags"
 UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+)-\d+"
 
-- 
cgit v1.2.3-54-g00ecf