diff mbox series

[1/5] shadow: set CVE_PRODUCT

Message ID 20260425222634.44171-1-peter.marko@siemens.com
State Under Review
Headers show
Series [1/5] shadow: set CVE_PRODUCT | expand

Commit Message

Peter Marko April 25, 2026, 10:26 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

This will remove CVE-2016-15024 from open cve reports.
This CVE for is for "doomsider:shadow" [1].

It will also remove
* CVE-2018-16588 (suse:shadow, [2])
* CVE-2019-16110 (blade-group:shadow [3])
which can be verified that they don't affect Yocto shadow.

[1] https://security-tracker.debian.org/tracker/CVE-2016-15024
[2] https://security-tracker.debian.org/tracker/CVE-2018-16588
[3] https://security-tracker.debian.org/tracker/CVE-2019-16110

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-extended/shadow/shadow_4.19.4.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-extended/shadow/shadow_4.19.4.bb b/meta/recipes-extended/shadow/shadow_4.19.4.bb
index 94f155641c..f70d1ca5f3 100644
--- a/meta/recipes-extended/shadow/shadow_4.19.4.bb
+++ b/meta/recipes-extended/shadow/shadow_4.19.4.bb
@@ -38,6 +38,8 @@  PAM_SRC_URI = "file://pam.d/chfn \
                file://pam.d/passwd \
                file://pam.d/su"
 
+CVE_PRODUCT = "debian:shadow shadow_project:shadow"
+
 inherit autotools gettext github-releases pkgconfig
 
 export CONFIG_SHELL = "/bin/sh"