[meta-filesystems,dunfell] ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g"

Message ID 20220614150756.19128-1-akash.hadke@kpit.com
State Under Review
Delegated to: Armin Kuster
Headers show
Series [meta-filesystems,dunfell] ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g" | expand

Commit Message

Akash Hadke June 14, 2022, 3:07 p.m. UTC
Set CVE_PRODUCT to 'tuxera:ntfs-3g' for ntfs-3g-ntfsprogs recipe,
cve-check class is setting default CVE_PRODUCT to 'ntfs-3g-ntfsprogs'
which ignores the ntfs-3g-ntfsprogs CVEs from NVD Database.

Reference:
CVE-2019-9755
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-9755

Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
Signed-off-by: Akash Hadke <hadkeakash4@gmail.com>
---
 .../ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb            | 2 ++
 1 file changed, 2 insertions(+)

Comments

Ranjitsinh Rathod June 15, 2022, 7:51 a.m. UTC | #1
Hi Armin,

I have seen that you have taken iperf3 CVE_PRODUCT change but not this one?
Is there any reason to not take this one?

Thanks,
Ranjitsinh Rathod

Patch

diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb
index 6f5cb6cee..c75b0416c 100644
--- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb
+++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb
@@ -50,3 +50,5 @@  do_install_append() {
 
 # Satisfy the -dev runtime dependency
 ALLOW_EMPTY_${PN} = "1"
+
+CVE_PRODUCT = "tuxera:ntfs-3g"