[1/2] audit: Fix CVE_PRODUCT

Message ID	20240717063912.18366-1-shin.matsunaga@fujitsu.com
State	Under Review
Headers	show Return-Path: <shin.matsunaga@fujitsu.com> ip: 207.54.90.49, mailfrom: shin.matsunaga@fujitsu.com) From: Shinji Matsunaga <shin.matsunaga@fujitsu.com> To: raj.khem@gmail.com Cc: openembedded-devel@lists.openembedded.org, shin.matsunaga@fujitsu.com, Shunsuke Tokumoto <s-tokumoto@fujitsu.com> Subject: [PATCH 1/2] audit: Fix CVE_PRODUCT Date: Wed, 17 Jul 2024 15:39:12 +0900 Message-Id: <20240717063912.18366-1-shin.matsunaga@fujitsu.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[1/2] audit: Fix CVE_PRODUCT \| expand [1/2] audit: Fix CVE_PRODUCT [2/2] audit: Add linux_audit to CVE_PRODUCT

Message ID

20240717063912.18366-1-shin.matsunaga@fujitsu.com

State

Under Review

Headers

From: Shinji Matsunaga <shin.matsunaga@fujitsu.com>
To: raj.khem@gmail.com
Cc: openembedded-devel@lists.openembedded.org,
	shin.matsunaga@fujitsu.com,
	Shunsuke Tokumoto <s-tokumoto@fujitsu.com>
Subject: [PATCH 1/2] audit: Fix CVE_PRODUCT
Date: Wed, 17 Jul 2024 15:39:12 +0900
Message-Id: <20240717063912.18366-1-shin.matsunaga@fujitsu.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[1/2] audit: Fix CVE_PRODUCT | expand

Commit Message

Shinji Matsunaga (Fujitsu) July 17, 2024, 6:39 a.m. UTC

Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".

Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft",
which are unrelated to the "audit" in this recipe.
https://www.opencve.io/cve?vendor=visionsoft&product=audit

In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux".
Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit".

Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com>
Signed-off-by: Shunsuke Tokumoto <s-tokumoto@fujitsu.com>
---
 meta-oe/recipes-security/audit/audit_4.0.1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-security/audit/audit_4.0.1.bb b/meta-oe/recipes-security/audit/audit_4.0.1.bb
index c189cfea5..bd8f8cc31 100644
--- a/meta-oe/recipes-security/audit/audit_4.0.1.bb
+++ b/meta-oe/recipes-security/audit/audit_4.0.1.bb
@@ -101,3 +101,5 @@  do_install:append() {
     # Create /var/spool/audit directory for audisp-remote
     install -d -m 0700 ${D}${localstatedir}/spool/audit
 }
+
+CVE_PRODUCT = "linux:audit"

[1/2] audit: Fix CVE_PRODUCT

Commit Message

Patch