diff mbox series

[2/6] wic: set CVE_PRODUCT

Message ID 20260413211447.564257-2-peter.marko@siemens.com
State Under Review
Headers show
Series [1/6] xdg-utils: set status for CVE-2025-52968 | expand

Commit Message

Peter Marko April 13, 2026, 9:14 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

Current CVE reports show following CVE-2008-6713 as open.
NVD shows CPE as massive_entertainment:wic ([1]).

Set vendor as yoctoproject, which is best approximation of possible
future CVEs as it is already used for other yocto repositories.

[1] https://nvd.nist.gov/vuln/detail/CVE-2008-6713

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-support/wic/wic_0.3.0.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-support/wic/wic_0.3.0.bb b/meta/recipes-support/wic/wic_0.3.0.bb
index a0a2773c76..c9732a359a 100644
--- a/meta/recipes-support/wic/wic_0.3.0.bb
+++ b/meta/recipes-support/wic/wic_0.3.0.bb
@@ -8,6 +8,9 @@  SRCREV = "5974ade11032f218841d9f449ef0efeee3f9a2ca"
 
 inherit python_hatchling
 
+# do not report CVEs for other wic tools
+CVE_PRODUCT = "yoctoproject:wic"
+
 RDEPENDS:${PN} += " \
     python3-core \
     python3-json \