MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-12-14 14:25:53 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

mercurial: set CVE_PRODUCT to "mercurial-scm:mercurial mercurial:mercurial"

Browse Source 
Other product "mercurial" introduce false CVE finding like:

https://nvd.nist.gov/vuln/detail/CVE-2022-43410

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Ankur Tyagi 2025-10-31 14:04:11 +13:00 committed by Khem Raj
parent 71a022d143
commit fb27cbf27a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta-oe/recipes-devtools/mercurial/mercurial_6.6.3.bb
View File

@ -34,4 +34,4 @@ PACKAGES =+ "${PN}-python"
FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR} ${datadir}" FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR} ${datadir}"
FILES:${PN}-python = "${nonarch_libdir}/${PYTHON_DIR}" FILES:${PN}-python = "${nonarch_libdir}/${PYTHON_DIR}"
CVE_STATUS[CVE-2022-43410] = "cpe-incorrect: The recipe used in the `meta-openembedded` is a different mercurial package compared to the one which has the CVE issue." CVE_PRODUCT = "mercurial-scm:mercurial mercurial:mercurial"