| Message ID | 20250109102051.3685800-1-madmarri@cisco.com |
|---|---|
| State | New |
| Headers | show |
| Series | [scarthgap] strace: add vendor to CVE_PRODUCT to exclude false positives | expand |
diff --git a/meta/recipes-devtools/strace/strace_6.7.bb b/meta/recipes-devtools/strace/strace_6.7.bb index c8c83cdf7c..30ac31ee69 100644 --- a/meta/recipes-devtools/strace/strace_6.7.bb +++ b/meta/recipes-devtools/strace/strace_6.7.bb @@ -54,3 +54,6 @@ RDEPENDS:${PN}-ptest:append:libc-glibc = "\ " BBCLASSEXTEND = "native" + +# adding 'CVE_PRODUCT' to avoid false detection of CVEs +CVE_PRODUCT = "strace:strace"
- To avoid false positives such as CVE-2000-0006, add the CVE_PRODUCT value with the vendor. - The CVE-2000-0006 has the vendor paul_kranenburg:strace. - This change has been verified by running do_cve_check task for strace package. Signed-off-by: Madhu Marri <madmarri@cisco.com> --- meta/recipes-devtools/strace/strace_6.7.bb | 3 +++ 1 file changed, 3 insertions(+)