CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

json-c: define CVE_VERSION

Browse Source 
Recently NVD updated all CVEs for json-c and old fixed
CVE-2020-12762 is reported by cve_check now.
NVD match clause now includes full tag name including
date which is "greater" than tag without additional numbers.

Fix it by defining CVE_VERSION identical to full tag.
Put it close to hash so recipe update patch includes this line.

(From OE-Core rev: 55e9ff0fe1de70f226557529f73c28f34f6956ed)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko 2023-09-27 23:05:40 +02:00 committed by Steve Sakoman
parent 0e4966eb77
commit 25073f9c0e
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
meta/recipes-devtools/json-c/json-c_0.15.bb
View File

@ -12,6 +12,9 @@ SRC_URI = " \
SRC_URI[sha256sum] = "b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6"
# NVD uses full tag name including date
CVE_VERSION = "0.15-20200726"
UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/tags"
UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+)-\d+"