diff --git a/Dockerfile b/Dockerfile index 76d34b1..6a95fcd 100755 --- a/Dockerfile +++ b/Dockerfile @@ -23,6 +23,7 @@ RUN \ apt-get update && \ apt-get install -y --no-install-recommends \ docker-ce \ + docker-buildx-plugin \ google-chrome-stable \ python3-venv \ unzip \ diff --git a/ci/ci.py b/ci/ci.py index efe7dfd..54a68c9 100755 --- a/ci/ci.py +++ b/ci/ci.py @@ -10,11 +10,13 @@ from logging import Logger import mimetypes import json +import subprocess from requests.adapters import HTTPAdapter from urllib3.util.retry import Retry from functools import wraps from typing import Callable, Any, Literal from textwrap import dedent +import enum import boto3 import requests @@ -62,6 +64,35 @@ def wrapper(*args, **kwargs) -> Any: return wrapper return deprecated_decorator +class CITests(enum.Enum): + """Enum for the different CI tests""" + CONTAINER_START = "Container Start" + CREATE_SBOM = "Create SBOM" + CREATE_BUILDX_SBOM = "Create Buildx SBOM" + CREATE_SYFT_SBOM = "Create Syft SBOM" + CAPTURE_SCREENSHOT = "Capture Screenshot" + GET_BUILD_INFO = "Get Build Info" + +class CITestResult(enum.Enum): + """Enum for the different CI test results""" + PASS = "PASS" + FAIL = "FAIL" + ERROR = "ERROR" + +class CIReportResult(enum.Enum): + """Enum for the different CI report results""" + PASS = "PASS" + FAIL = "FAIL" + ERROR = "ERROR" + +class Platform(enum.Enum): + """Enum for the different platforms""" + AMD64 = "amd64" + ARM64 = "arm64" + ARM32 = "arm" + RISCV64 = "riscv64" + UNKNOWN = "amd64" + class SetEnvs(): """Simple helper class that sets up the ENVs""" def __init__(self) -> None: @@ -269,7 +300,7 @@ def __init__(self) -> None: self.tags = list(self.tags_env.split("|")) self.tag_report_tests:dict[str,dict[str,dict]] = {tag: {"test":{}} for tag in self.tags} # Adds all the tags as keys with an empty dict as value to the dict self.report_containers: dict[str,dict[str,dict]] = {} - self.report_status = "PASS" + self.report_status = CIReportResult.PASS self.outdir: str = f"{os.path.dirname(os.path.realpath(__file__))}/output/{self.image}/{self.meta_tag}" os.makedirs(self.outdir, exist_ok=True) self.s3_client = self.create_s3_client() @@ -320,31 +351,31 @@ def container_test(self, tag: str) -> None: # Run these tests in parallel so the runtime data is more accurate. with ThreadPoolExecutor(max_workers=2,thread_name_prefix=thread_name) as executor: - future_sbom: Future[str] = executor.submit(self.generate_sbom, tag) + future_sbom: Future[str|CITestResult] = executor.submit(self.make_sbom, tag) future_logs: Future[bool] = executor.submit(self.watch_container_logs, container, tag) - sbom: str = future_sbom.result(self.sbom_timeout + 5) # Set a thread timeout if the function for some reason hangs + sbom: str|CITestResult = future_sbom.result(self.sbom_timeout + 5) # Set a thread timeout if the function for some reason hangs logsfound: bool = future_logs.result(self.logs_timeout + 5) # Set a thread timeout if the function for some reason hangs - build_info: dict = self.get_build_info(container,tag) # Get the image build info + build_info: dict[str,str] = self.get_build_info(container,tag) # Get the image build info if not logsfound: self.logger.error("Test of %s FAILED after %.2f seconds", tag, time.time() - start_time) self._endtest(container, tag, build_info, sbom, False, start_time) return - if build_info["version"] == "ERROR": + if build_info["version"] == CITestResult.ERROR.value: self.logger.error("Test of %s FAILED after %.2f seconds", tag, time.time() - start_time) self._endtest(container, tag, build_info, sbom, False, start_time) return - if sbom == "ERROR": + if sbom == CITestResult.ERROR: self.logger.error("Test of %s FAILED after %.2f seconds", tag, time.time() - start_time) self._endtest(container, tag, build_info, sbom, False, start_time) return # Screenshot the web interface and check connectivity screenshot_success, browser_logs = self.take_screenshot(container, tag) - if not screenshot_success and self.get_platform(tag) == "amd64": + if not screenshot_success and self.get_platform(tag) == Platform.AMD64.value: self.logger.error("Test of %s FAILED after %.2f seconds", tag, time.time() - start_time) self._endtest(container, tag, build_info, sbom, False, start_time, browser_logs) return @@ -353,7 +384,7 @@ def container_test(self, tag: str) -> None: self.logger.success("Test of %s PASSED after %.2f seconds", tag, time.time() - start_time) return - def _endtest(self, container:Container, tag:str, build_info:dict[str,str], packages:str, test_success: bool, start_time:float|int = 0.0, browser_logs: str = "") -> None: + def _endtest(self, container:Container, tag:str, build_info:dict[str,str], packages:str|CITestResult, test_success: bool, start_time:float|int = 0.0, browser_logs: str = "") -> None: """End the test with as much info as we have and append to the report. Args: @@ -369,10 +400,12 @@ def _endtest(self, container:Container, tag:str, build_info:dict[str,str], packa runtime = "-" if isinstance(start_time,(float, int)): runtime = f"{time.time() - start_time:.2f}s" + if isinstance(packages, CITestResult): + packages = packages.value logblob: str = container.logs(timestamps=True).decode("utf-8") self.create_html_ansi_file(logblob, tag, "log") # Generate an html container log file based on the latest logs try: - container.remove(force="true") + container.remove(force=True) except APIError: self.logger.exception("Failed to remove container %s",tag) warning_texts: dict[str, str] = { @@ -428,15 +461,15 @@ def get_platform(self, tag: str) -> str: platform: str = tag[:5] match platform: case "amd64": - return "amd64" + return Platform.AMD64.value case "arm64": - return "arm64" + return Platform.ARM64.value case "arm32": - return "arm" + return Platform.ARM32.value case "riscv": - return "riscv64" + return Platform.RISCV64.value case _: - return "amd64" + return Platform.UNKNOWN.value @deprecated(reason="Use generate_sbom instead") def export_package_info(self, container:Container, tag:str) -> str: @@ -475,7 +508,8 @@ def export_package_info(self, container:Container, tag:str) -> str: "message":str(error)}.items()))) self.report_status = "FAIL" return packages - + + @deprecated(reason="Use make_sbom instead") def generate_sbom(self, tag:str) -> str: """Generate the SBOM for the image tag. @@ -522,6 +556,155 @@ def generate_sbom(self, tag:str) -> str: self.logger.exception("Failed to remove the syft container, %s",tag) return "ERROR" + def make_sbom(self, tag: str) -> "str|CITestResult": + """Generate the SBOM for the image tag. It will first try to use buildx imagetools inspect, if that fails it will fallback to using syft. + + Creates the output file in `{self.outdir}/{tag}.sbom.html` + + Args: + tag (str): The tag we are testing + Returns: + str: Return the output if successful otherwise "ERROR". + """ + start_time = time.time() + sbom: str | CITestResult = self.get_sbom_buildx_blob(tag) + if isinstance(sbom, str): + packages: list[dict[str, str]] = self.parse_buildx_sbom(sbom) + formatted_table: str | CITestResult = self.format_package_table(packages=packages) + if packages and formatted_table != CITestResult.ERROR: + self.create_html_ansi_file(formatted_table, tag, "sbom") + self._add_test_result(tag, CITests.CREATE_BUILDX_SBOM, CITestResult.PASS, "-", start_time) + self.logger.success("Create SBOM %s: PASSED after %.2f seconds", tag, time.time() - start_time) + return formatted_table + self.logger.error("No packages found in buildx SBOM for tag %s", tag) + self.report_status = CIReportResult.FAIL + self._add_test_result(tag, CITests.CREATE_BUILDX_SBOM, CITestResult.FAIL, "No packages found in buildx SBOM", start_time) + else: + self.logger.warning("Falling back to Syft for SBOM generation on tag %s", tag) + + # Fallback to syft if buildx failed + sbom = self.get_sbom_syft(tag) + if sbom != CITestResult.ERROR: + self._add_test_result(tag, CITests.CREATE_SBOM, CITestResult.PASS, "-", start_time) + self.logger.success("Create SBOM %s: PASSED after %.2f seconds", tag, time.time() - start_time) + self.create_html_ansi_file(str(sbom),tag,"sbom") + return sbom + self.report_status = CIReportResult.FAIL + self._add_test_result(tag, CITests.CREATE_SBOM, CITestResult.FAIL, "Failed to generate SBOM with both buildx and syft", start_time) + return CITestResult.ERROR + + def get_sbom_syft(self, tag: str) -> str | CITestResult: + """Get the SBOM for the image tag using Syft. + + Args: + tag (str): The tag we are testing + Returns: + str: SBOM output if successful, otherwise "ERROR". + """ + start_time = time.time() + platform: str = self.get_platform(tag) + syft:Container = self.client.containers.run(image=f"ghcr.io/anchore/syft:{self.syft_image_tag}",command=f"{self.image}:{tag} --platform=linux/{platform}", + detach=True, volumes={"/var/run/docker.sock": {"bind": "/var/run/docker.sock", "mode": "rw"}}) + self.logger.info("Creating SBOM package list on %s with syft version %s",tag,self.syft_image_tag) + logblob: str = "" + t_end: float = time.time() + self.sbom_timeout + self.logger.info("Tailing the Syft container logs for %s seconds looking the 'VERSION' message on tag: %s",self.sbom_timeout,tag) + while time.time() < t_end: + time.sleep(5) + try: + logblob: str = syft.logs().decode("utf-8") + if "VERSION" in logblob: + self.logger.info("Get Syft package versions for %s completed", tag) + self.logger.success("%s package list %s: PASSED after %.2f seconds", CITests.CREATE_SYFT_SBOM.value, tag, time.time() - start_time) + try: + syft.remove(force=True) + except Exception: + self.logger.exception("Failed to remove the Syft container, %s",tag) + return logblob + except (APIError,ContainerError,ImageNotFound): + self.logger.exception("Creating Syft SBOM package list on %s: FAIL", tag) + self.logger.error("Failed to generate Syft SBOM output on tag %s. SBOM output:\n%s",tag, logblob) + try: + syft.remove(force=True) + except Exception: + self.logger.exception("Failed to remove the Syft container, %s",tag) + return CITestResult.ERROR + + def get_sbom_buildx_blob(self, tag: str) -> str | CITestResult: + """Get the SBOM for the image tag using docker buildx imagetools inspect. + + Args: + tag (str): The tag we are testing + + Returns: + str: SBOM output if successful, otherwise "CITestResult.ERROR". + """ + try: + image_ref = f"{self.image}:{tag}" + self.logger.info("Generating SBOM for %s using buildx imagetools inspect", image_ref) + cmd = f'docker buildx imagetools inspect {image_ref} --format "{{{{ json (index .SBOM).SPDX.packages }}}}"' + result: subprocess.CompletedProcess[str] = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=self.sbom_timeout, check=False) + if result.returncode == 0 and result.stdout.strip(): + self.logger.success("SBOM generated for %s using buildx imagetools inspect.", tag) + return result.stdout.strip() + self.logger.error("Failed to generate buildx SBOM for %s: %s", tag, result.stderr) + return CITestResult.ERROR + except Exception: + self.logger.exception("Exception while running buildx imagetools inspect for %s", tag) + return CITestResult.ERROR + + def parse_buildx_sbom(self, sbom: str) -> list[dict[str, str]]: + """Parse the buildx imagetools inspect SBOM string and extract package information. + + Args: + sbom (str): The SBOM in JSON format. + Returns: + list[dict[str, str]]: A list of dictionaries containing package information. + """ + try: + sbom_data: dict[str, Any] = json.loads(sbom) + packages: list[dict[str, str]] = [] + for item in sbom_data: + package_info = { + "name": item.get("name", ""), + "version": item.get("versionInfo", ""), + } + if package_info in packages: + continue + packages.append(package_info) + return packages + except json.JSONDecodeError: + self.logger.error("Failed to parse buildx imagetools inspect SBOM output.") + return [] + + def format_package_table(self, packages: list[dict[str, str]]) -> str | CITestResult: + """Format a list of package dicts into a padded string table. + + Args: + packages (list[dict[str, str]]): List of package dicts with 'name' and 'version' keys. + + Returns: + str: Padded string table of package names and versions. + """ + try: + if not packages: + self.logger.error("No packages found to format.") + return CITestResult.ERROR + # Dynamically determine column widths based on longest name/version + name_width = max(len(pkg.get('name', '')) for pkg in packages) + 10 + version_width = max(len(pkg.get('version', '')) for pkg in packages) + 10 + lines: list[str] = [] + header = f"{'NAME'.ljust(name_width)}{'VERSION'.ljust(version_width)}" + lines.append(header) + for pkg in packages: + name = pkg.get('name', '')[:name_width] + version = pkg.get('version', '')[:version_width] + lines.append(f"{name.ljust(name_width)}{version.ljust(version_width)}") + return "\n".join(lines) + except Exception: + self.logger.exception("Failed to format package table.") + return CITestResult.ERROR + @deprecated(reason="Use get_build_info instead") def get_build_version(self,container:Container,tag:str) -> str: """Fetch the build version from the container object attributes. @@ -568,7 +751,7 @@ def get_image_name(self) -> str: case _: return self.image - def get_build_url(self, tag) -> str: + def get_build_url(self, tag: str) -> str: """Get the build url from the IMAGE env. Args: @@ -610,7 +793,6 @@ def get_build_info(self,container:Container,tag:str) -> dict[str,str]: } ``` """ - test = "Get build info" start_time = time.time() try: self.logger.info("Fetching build info on tag: %s",tag) @@ -623,15 +805,15 @@ def get_build_info(self,container:Container,tag:str) -> dict[str,str]: "tag": tag, "image": self.get_image_name() } - self._add_test_result(tag, test, "PASS", "-", start_time) + self._add_test_result(tag, CITests.GET_BUILD_INFO, CITestResult.PASS, "-", start_time) self.logger.success("Get build info on tag '%s': PASS", tag) except (APIError,KeyError) as error: self.logger.exception("Get build info on tag '%s': FAIL", tag) - build_info = {"version": "ERROR", "created": "ERROR", "size": "ERROR", "maintainer": "ERROR"} + build_info = {"version": CITestResult.ERROR.value, "created": CITestResult.ERROR.value, "size": CITestResult.ERROR.value, "maintainer": CITestResult.ERROR.value} if isinstance(error,KeyError): error: str = f"KeyError: {error}" - self._add_test_result(tag, test, "FAIL", str(error), start_time) - self.report_status = "FAIL" + self._add_test_result(tag, CITests.GET_BUILD_INFO, CITestResult.FAIL, str(error), start_time) + self.report_status = CIReportResult.FAIL return build_info def watch_container_logs(self, container:Container, tag:str) -> bool: @@ -645,7 +827,6 @@ def watch_container_logs(self, container:Container, tag:str) -> bool: Returns: bool: Return True if the "done" message is found, otherwise False. """ - test = "Container startup" start_time = time.time() t_end: float = time.time() + self.logs_timeout self.logger.info("Tailing the %s logs for %s seconds looking for the 'done' message", tag, self.logs_timeout) @@ -653,20 +834,20 @@ def watch_container_logs(self, container:Container, tag:str) -> bool: try: logblob: str = container.logs().decode("utf-8") if "[services.d] done." in logblob or "[ls.io-init] done." in logblob: - self.logger.info("%s completed for %s",test, tag) - self._add_test_result(tag, test, "PASS", "-", start_time) - self.logger.success("%s %s: PASSED after %.2f seconds", test, tag, time.time() - start_time) + self.logger.info("%s completed for %s",CITests.CONTAINER_START.value, tag) + self._add_test_result(tag, CITests.CONTAINER_START, CITestResult.PASS, "-", start_time) + self.logger.success("%s %s: PASSED after %.2f seconds", CITests.CONTAINER_START.value, tag, time.time() - start_time) return True time.sleep(1) except APIError as error: - self.logger.exception("%s %s: FAIL - INIT NOT FINISHED", test, tag) - self._add_test_result(tag, test, "FAIL", f"INIT NOT FINISHED: {str(error)}", start_time) - self.report_status = "FAIL" + self.logger.exception("%s %s: FAIL - INIT NOT FINISHED", CITests.CONTAINER_START.value, tag) + self._add_test_result(tag, CITests.CONTAINER_START, CITestResult.FAIL, f"INIT NOT FINISHED: {str(error)}", start_time) + self.report_status = CIReportResult.FAIL return False - self.logger.error("%s failed for %s", test, tag) - self._add_test_result(tag, test, "FAIL", "INIT NOT FINISHED", start_time) - self.logger.error("%s %s: FAIL - INIT NOT FINISHED", test, tag) - self.report_status = "FAIL" + self.logger.error("%s failed for %s", CITests.CONTAINER_START.value, tag) + self._add_test_result(tag, CITests.CONTAINER_START, CITestResult.FAIL, "INIT NOT FINISHED", start_time) + self.logger.error("%s %s: FAIL - INIT NOT FINISHED", CITests.CONTAINER_START.value, tag) + self.report_status = CIReportResult.FAIL return False def report_render(self) -> None: @@ -679,7 +860,7 @@ def report_render(self) -> None: with open(f"{self.outdir}/index.html", mode="w", encoding="utf-8") as file_: file_.write(template.render( report_containers=self.report_containers, - report_status=self.report_status, + report_status=self.report_status.value, meta_tag=self.meta_tag, image=self.get_image_name(), bucket=self.bucket, @@ -692,11 +873,11 @@ def badge_render(self) -> None: """Render the badge file for upload""" self.logger.info("Creating badge") try: - badge = anybadge.Badge("CI", self.report_status, thresholds={ + badge = anybadge.Badge("CI", self.report_status.value, thresholds={ "PASS": "green", "FAIL": "red"}) badge.write_badge(f"{self.outdir}/badge.svg", overwrite=True) with open(f"{self.outdir}/ci-status.yml", "w", encoding="utf-8") as file: - file.write(f"CI: '{self.report_status}'") + file.write(f"CI: '{self.report_status.value}'") except (ValueError,RuntimeError,FileNotFoundError,OSError): self.logger.exception("Failed to render badge file!") @@ -737,7 +918,7 @@ def report_upload(self) -> None: raise CIError(f"Upload Error: {error}") from error self.logger.info("Report available on https://%s/%s/%s/index.html",self.bucket, self.image, self.meta_tag) - def create_html_ansi_file(self, blob:str, tag:str, name:str, full:bool = True) -> None: + def create_html_ansi_file(self, blob:str|CITestResult, tag:str, name:str, full:bool = True) -> None: """Creates an HTML file in the "self.outdir" directory that we upload to S3 Args: @@ -748,6 +929,8 @@ def create_html_ansi_file(self, blob:str, tag:str, name:str, full:bool = True) - """ try: + if isinstance(blob,CITestResult): + blob = blob.value self.logger.info("Creating %s.%s.html", tag, name) converter = Ansi2HTMLConverter(title=f"{tag}-{name}") html_logs: str = converter.convert(blob,full=full) @@ -793,26 +976,28 @@ def log_upload(self) -> None: except (S3UploadFailedError, ClientError, FileNotFoundError) as e: self.logger.exception(f"Failed to upload the CI logs! Error: {e}") - def _add_test_result(self, tag:str, test:str, status:str, message:str, start_time:float|int = 0.0) -> None: + def _add_test_result(self, tag:str, test:CITests, status:CITestResult, message:str, start_time:float|int = 0.0) -> None: """Add a test result to the report Args: tag (str): The tag we are testing - test (str): The test we are running - status (str): The status of the test + test (CITests): The test we are running + status (CITestResult): The status of the test message (str): The message of the test start_time (str, optional): The start time of the test. Defaults to 0.0. Used to calculate the runtime of the test. """ - if status not in ["PASS","FAIL"]: - raise ValueError("Status must be either PASS or FAIL") + if not isinstance(test, CITests): + raise ValueError("test must be an instance of CITests") + if not isinstance(status, CITestResult): + raise ValueError("status must be an instance of CITestResult") if tag not in self.tags: raise ValueError("Tag not in the list of tags") if not start_time: runtime = "-" if isinstance(start_time,(float, int)): runtime: str = f"{time.time() - start_time:.2f}s" - self.tag_report_tests[tag]["test"][test] = (dict(sorted({ - "status":status, + self.tag_report_tests[tag]["test"][test.value] = (dict(sorted({ + "status":status.value, "message":message, "runtime": runtime}.items()))) @@ -832,7 +1017,6 @@ def take_screenshot(self, container: Container, tag:str) -> tuple[bool, str]: return True, "" proto: Literal["https", "http"] = "https" if self.ssl.upper() == "TRUE" else "http" screenshot_timeout = time.time() + self.screenshot_timeout - test = "Get screenshot" start_time = time.time() driver: WebDriver | None = None browser_logs: str = "" @@ -853,7 +1037,7 @@ def take_screenshot(self, container: Container, tag:str) -> tuple[bool, str]: driver.get_screenshot_as_file(f"{self.outdir}/{tag}.png") if not os.path.isfile(f"{self.outdir}/{tag}.png"): raise FileNotFoundError(f"Screenshot '{self.outdir}/{tag}.png' not found") - self._add_test_result(tag, test, "PASS", "-", start_time) + self._add_test_result(tag, CITests.CAPTURE_SCREENSHOT, CITestResult.PASS, "-", start_time) self.logger.success("Screenshot %s: PASSED after %.2f seconds", tag, time.time() - start_time) return True, self._get_browser_logs(driver, tag) except Exception as error: @@ -864,23 +1048,23 @@ def take_screenshot(self, container: Container, tag:str) -> tuple[bool, str]: raise error raise TimeoutException("Timeout taking screenshot") except (requests.Timeout, requests.ConnectionError, KeyError) as error: - self._add_test_result(tag, test, "FAIL", f"CONNECTION ERROR: {str(error)}", start_time) + self._add_test_result(tag, CITests.CAPTURE_SCREENSHOT, CITestResult.FAIL, f"CONNECTION ERROR: {str(error)}", start_time) self.logger.exception("Screenshot %s FAIL CONNECTION ERROR", tag) - self.report_status = "FAIL" + self.report_status = CIReportResult.FAIL if driver: browser_logs = self._get_browser_logs(driver, tag) return False, browser_logs except TimeoutException as error: - self._add_test_result(tag, test, "FAIL", f"TIMEOUT: {str(error)}", start_time) + self._add_test_result(tag, CITests.CAPTURE_SCREENSHOT, CITestResult.FAIL, f"TIMEOUT: {str(error)}", start_time) self.logger.exception("Screenshot %s FAIL TIMEOUT", tag) - self.report_status = "FAIL" + self.report_status = CIReportResult.FAIL if driver: browser_logs = self._get_browser_logs(driver, tag) return False, browser_logs except (WebDriverException, Exception) as error: - self._add_test_result(tag, test, "FAIL", f"UNKNOWN: {str(error)}", start_time) + self._add_test_result(tag, CITests.CAPTURE_SCREENSHOT, CITestResult.FAIL, f"UNKNOWN: {str(error)}", start_time) self.logger.exception("Screenshot %s FAIL UNKNOWN", tag) - self.report_status = "FAIL" + self.report_status = CIReportResult.FAIL if driver: browser_logs = self._get_browser_logs(driver, tag) return False, browser_logs diff --git a/test_build.py b/test_build.py index b1ca671..fd186cb 100644 --- a/test_build.py +++ b/test_build.py @@ -1,8 +1,7 @@ #!/usr/bin/env python3 import os -import time from logging import Logger -from ci.ci import CI, CIError +from ci.ci import CI, CIError, Platform, CIReportResult from ci.logger import configure_logging def run_test() -> None: @@ -10,15 +9,15 @@ def run_test() -> None: ci.run(ci.tags) # Don't set the whole report as failed if any of the ARM tag fails. for tag in ci.report_containers.keys(): - if tag.startswith("amd64") and ci.report_containers[tag]['test_success'] == True: - ci.report_status = 'PASS' # Override the report_status if an ARM tag failed, but the amd64 tag passed. - if ci.report_status == 'PASS': + if tag.startswith(Platform.AMD64.value) and ci.report_containers[tag]['test_success'] == True: + ci.report_status = CIReportResult.PASS # Override the report_status if an ARM tag failed, but the amd64 tag passed. + if ci.report_status == CIReportResult.PASS: logger.success('All tests PASSED after %.2f seconds', ci.total_runtime) ci.report_render() ci.badge_render() ci.json_render() ci.report_upload() - if ci.report_status == 'PASS': # Exit based on test results + if ci.report_status == CIReportResult.PASS: # Exit based on test results ci.log_upload() return logger.error('Tests FAILED') diff --git a/tests/sbom_buildx_blob.txt b/tests/sbom_buildx_blob.txt new file mode 100644 index 0000000..0d76120 --- /dev/null +++ b/tests/sbom_buildx_blob.txt @@ -0,0 +1,5485 @@ +[ + { + "SPDXID": "SPDXRef-Package-deb-adduser-98299e49069387ec", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:adduser:adduser:3.137ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/adduser@3.137ubuntu1?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later", + "name": "adduser", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/adduser/copyright, /var/lib/dpkg/info/adduser.conffiles, /var/lib/dpkg/info/adduser.md5sums, /var/lib/dpkg/info/adduser.list, /var/lib/dpkg/info/adduser.postrm, /var/lib/dpkg/info/adduser.preinst", + "supplier": "NOASSERTION", + "versionInfo": "3.137ubuntu1" + }, + { + "SPDXID": "SPDXRef-Package-deb-apt-bfe0855a529838fa", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt:apt:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/apt@2.8.3?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "apt", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/apt/copyright, /var/lib/dpkg/info/apt.conffiles, /var/lib/dpkg/info/apt.md5sums, /var/lib/dpkg/info/apt.list, /var/lib/dpkg/info/apt.postinst, /var/lib/dpkg/info/apt.postrm, /var/lib/dpkg/info/apt.preinst, /var/lib/dpkg/info/apt.prerm, /var/lib/dpkg/info/apt.shlibs, /var/lib/dpkg/info/apt.triggers", + "supplier": "NOASSERTION", + "versionInfo": "2.8.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-apt-utils-90966dc650cccb89", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt-utils:apt-utils:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt-utils:apt_utils:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt_utils:apt-utils:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt_utils:apt_utils:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt:apt-utils:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:apt:apt_utils:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/apt-utils@2.8.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=apt", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "apt-utils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/apt-utils/copyright, /var/lib/dpkg/info/apt-utils.md5sums, /var/lib/dpkg/info/apt-utils.list", + "supplier": "NOASSERTION", + "versionInfo": "2.8.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-base-files-779daaca50ffddcd", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base-files:base-files:13ubuntu10.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base-files:base_files:13ubuntu10.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base_files:base-files:13ubuntu10.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base_files:base_files:13ubuntu10.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base:base-files:13ubuntu10.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base:base_files:13ubuntu10.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/base-files@13ubuntu10.3?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-GPL", + "name": "base-files", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/base-files/copyright, /var/lib/dpkg/info/base-files.conffiles, /var/lib/dpkg/info/base-files.md5sums, /var/lib/dpkg/info/base-files.list, /var/lib/dpkg/info/base-files.postinst, /var/lib/dpkg/info/base-files.postrm, /var/lib/dpkg/info/base-files.preinst, /var/lib/dpkg/info/base-files.prerm, /var/lib/dpkg/info/base-files.triggers", + "supplier": "NOASSERTION", + "versionInfo": "13ubuntu10.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-base-passwd-628f5a2163cf1196", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base-passwd:base-passwd:3.6.3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base-passwd:base_passwd:3.6.3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base_passwd:base-passwd:3.6.3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base_passwd:base_passwd:3.6.3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base:base-passwd:3.6.3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:base:base_passwd:3.6.3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/base-passwd@3.6.3build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND LicenseRef-public-domain", + "name": "base-passwd", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/base-passwd/copyright, /var/lib/dpkg/info/base-passwd.md5sums, /var/lib/dpkg/info/base-passwd.list, /var/lib/dpkg/info/base-passwd.postinst, /var/lib/dpkg/info/base-passwd.postrm, /var/lib/dpkg/info/base-passwd.preinst, /var/lib/dpkg/info/base-passwd.templates", + "supplier": "NOASSERTION", + "versionInfo": "3.6.3build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-bash-41360a594ea0f59a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:bash:bash:5.2.21-2ubuntu4:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/bash@5.2.21-2ubuntu4?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-4-Clause-UC AND GFDL-1.3-only AND LicenseRef-GFDL-NIV-1.3 AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND Latex2e AND LicenseRef-MIT-like AND LicenseRef-permissive", + "name": "bash", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/bash/copyright, /var/lib/dpkg/info/bash.conffiles, /var/lib/dpkg/info/bash.md5sums, /var/lib/dpkg/info/bash.list, /var/lib/dpkg/info/bash.postinst, /var/lib/dpkg/info/bash.postrm, /var/lib/dpkg/info/bash.prerm", + "supplier": "NOASSERTION", + "versionInfo": "5.2.21-2ubuntu4" + }, + { + "SPDXID": "SPDXRef-Package-deb-bsdutils-3aa01bfba1c59322", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:bsdutils:bsdutils:1\\:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/bsdutils@1%3A2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux%402.39.3-9ubuntu6.3", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "bsdutils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/bsdutils/copyright, /var/lib/dpkg/info/bsdutils.md5sums, /var/lib/dpkg/info/bsdutils.list", + "supplier": "NOASSERTION", + "versionInfo": "1:2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-ca-certificates-652c9fc105a76b5f", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ca-certificates:ca-certificates:20240203:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ca-certificates:ca_certificates:20240203:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ca_certificates:ca-certificates:20240203:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ca_certificates:ca_certificates:20240203:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ca:ca-certificates:20240203:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ca:ca_certificates:20240203:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/ca-certificates@20240203?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND MPL-2.0", + "name": "ca-certificates", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/ca-certificates/copyright, /var/lib/dpkg/info/ca-certificates.md5sums, /var/lib/dpkg/info/ca-certificates.config, /var/lib/dpkg/info/ca-certificates.list, /var/lib/dpkg/info/ca-certificates.postinst, /var/lib/dpkg/info/ca-certificates.postrm, /var/lib/dpkg/info/ca-certificates.templates, /var/lib/dpkg/info/ca-certificates.triggers", + "supplier": "NOASSERTION", + "versionInfo": "20240203" + }, + { + "SPDXID": "SPDXRef-Package-deb-catatonit-a486d47019214ef2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:catatonit:catatonit:0.1.7-1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/catatonit@0.1.7-1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-3.0-only AND GPL-3.0-or-later AND MPL-2.0", + "name": "catatonit", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/catatonit/copyright, /var/lib/dpkg/info/catatonit.md5sums, /var/lib/dpkg/info/catatonit.list", + "supplier": "NOASSERTION", + "versionInfo": "0.1.7-1" + }, + { + "SPDXID": "SPDXRef-Package-deb-coreutils-67004a9ba913d469", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:coreutils:coreutils:9.4-3ubuntu6.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/coreutils@9.4-3ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-4-Clause-UC AND FSFULLR AND GFDL-1.3-only AND LicenseRef-GFDL-NIV-1.3 AND GPL-3.0-only AND GPL-3.0-or-later AND ISC", + "name": "coreutils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/coreutils/copyright, /var/lib/dpkg/info/coreutils.md5sums, /var/lib/dpkg/info/coreutils.list", + "supplier": "NOASSERTION", + "versionInfo": "9.4-3ubuntu6.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-cron-7fd90d3c23e9ab5e", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron:cron:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/cron@3.0pl1-184ubuntu2?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND LicenseRef-Paul-Vixie-s-license", + "name": "cron", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/cron/copyright, /var/lib/dpkg/info/cron.conffiles, /var/lib/dpkg/info/cron.md5sums, /var/lib/dpkg/info/cron.list, /var/lib/dpkg/info/cron.postinst, /var/lib/dpkg/info/cron.postrm, /var/lib/dpkg/info/cron.preinst, /var/lib/dpkg/info/cron.prerm", + "supplier": "NOASSERTION", + "versionInfo": "3.0pl1-184ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-cron-daemon-common-f7f1e56a9f42aa77", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron-daemon-common:cron-daemon-common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron-daemon-common:cron_daemon_common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron_daemon_common:cron-daemon-common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron_daemon_common:cron_daemon_common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron-daemon:cron-daemon-common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron-daemon:cron_daemon_common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron_daemon:cron-daemon-common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron_daemon:cron_daemon_common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron:cron-daemon-common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:cron:cron_daemon_common:3.0pl1-184ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/cron-daemon-common@3.0pl1-184ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=cron", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND LicenseRef-Paul-Vixie-s-license", + "name": "cron-daemon-common", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/cron-daemon-common/copyright, /var/lib/dpkg/info/cron-daemon-common.conffiles, /var/lib/dpkg/info/cron-daemon-common.md5sums, /var/lib/dpkg/info/cron-daemon-common.list, /var/lib/dpkg/info/cron-daemon-common.postinst, /var/lib/dpkg/info/cron-daemon-common.postrm", + "supplier": "NOASSERTION", + "versionInfo": "3.0pl1-184ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-curl-fe83f3079632ad96", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:curl:curl:8.5.0-2ubuntu10.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/curl@8.5.0-2ubuntu10.6?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-3-Clause AND BSD-4-Clause-UC AND FSFULLR AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-or-later AND ISC AND OLDAP-2.8 AND X11 AND curl", + "name": "curl", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/curl/copyright, /var/lib/dpkg/info/curl.md5sums, /var/lib/dpkg/info/curl.list", + "supplier": "NOASSERTION", + "versionInfo": "8.5.0-2ubuntu10.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-dash-b65ce48fce2635c7", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:dash:dash:0.5.12-6ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/dash@0.5.12-6ubuntu5?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-public-domain", + "name": "dash", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/dash/copyright, /var/lib/dpkg/info/dash.md5sums, /var/lib/dpkg/info/dash.list, /var/lib/dpkg/info/dash.postinst, /var/lib/dpkg/info/dash.postrm, /var/lib/dpkg/info/dash.prerm", + "supplier": "NOASSERTION", + "versionInfo": "0.5.12-6ubuntu5" + }, + { + "SPDXID": "SPDXRef-Package-deb-debconf-b8c7bec2088fc738", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:debconf:debconf:1.5.86ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/debconf@1.5.86ubuntu1?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause", + "name": "debconf", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/debconf/copyright, /var/lib/dpkg/info/debconf.conffiles, /var/lib/dpkg/info/debconf.md5sums, /var/lib/dpkg/info/debconf.config, /var/lib/dpkg/info/debconf.list, /var/lib/dpkg/info/debconf.postinst, /var/lib/dpkg/info/debconf.templates", + "supplier": "NOASSERTION", + "versionInfo": "1.5.86ubuntu1" + }, + { + "SPDXID": "SPDXRef-Package-deb-debianutils-f32b4704c3fa30f4", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:debianutils:debianutils:5.17build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/debianutils@5.17build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND SMAIL-GPL AND LicenseRef-public-domain", + "name": "debianutils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/debianutils/copyright, /var/lib/dpkg/info/debianutils.md5sums, /var/lib/dpkg/info/debianutils.list, /var/lib/dpkg/info/debianutils.postinst, /var/lib/dpkg/info/debianutils.postrm, /var/lib/dpkg/info/debianutils.prerm, /var/lib/dpkg/info/debianutils.triggers", + "supplier": "NOASSERTION", + "versionInfo": "5.17build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-diffutils-3d2cf63ae2e37d1a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:diffutils:diffutils:1\\:3.10-1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/diffutils@1%3A3.10-1build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "FSFAP AND FSFULLR AND GFDL-1.3-only AND LicenseRef-GFDL-NIV-1.3 AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND X11 AND LicenseRef-public-domain", + "name": "diffutils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/diffutils/copyright, /var/lib/dpkg/info/diffutils.md5sums, /var/lib/dpkg/info/diffutils.list", + "supplier": "NOASSERTION", + "versionInfo": "1:3.10-1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-dirmngr-59c22b4eb331d815", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:dirmngr:dirmngr:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/dirmngr@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "dirmngr", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/dirmngr/copyright, /var/lib/dpkg/info/dirmngr.md5sums, /var/lib/dpkg/info/dirmngr.list, /var/lib/dpkg/info/dirmngr.postinst, /var/lib/dpkg/info/dirmngr.postrm, /var/lib/dpkg/info/dirmngr.preinst, /var/lib/dpkg/info/dirmngr.prerm", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-dpkg-6b4314937bcd9ebe", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:dpkg:dpkg:1.22.6ubuntu6.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/dpkg@1.22.6ubuntu6.2?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-public-domain-s-s-d", + "name": "dpkg", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/dpkg/copyright, /var/lib/dpkg/info/dpkg.conffiles, /var/lib/dpkg/info/dpkg.md5sums, /var/lib/dpkg/info/dpkg.list, /var/lib/dpkg/info/dpkg.postinst, /var/lib/dpkg/info/dpkg.postrm", + "supplier": "NOASSERTION", + "versionInfo": "1.22.6ubuntu6.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-e2fsprogs-1ee1cf7fe399e312", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:e2fsprogs:e2fsprogs:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/e2fsprogs@1.47.0-2.4~exp1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND Apache-2.0 AND BSD-3-Clause AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND Kazlib AND LGPL-2.0-only AND Latex2e", + "name": "e2fsprogs", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/e2fsprogs/copyright, /var/lib/dpkg/info/e2fsprogs.conffiles, /var/lib/dpkg/info/e2fsprogs.md5sums, /var/lib/dpkg/info/e2fsprogs.list, /var/lib/dpkg/info/e2fsprogs.postinst, /var/lib/dpkg/info/e2fsprogs.postrm, /var/lib/dpkg/info/e2fsprogs.preinst, /var/lib/dpkg/info/e2fsprogs.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1.47.0-2.4~exp1ubuntu4.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-findutils-b9814dc4998bd300", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:findutils:findutils:4.9.0-5build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/findutils@4.9.0-5build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND FSFAP AND FSFULLR AND GFDL-1.3-only AND LicenseRef-GFDL-NIV-1.3- AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND ISC AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND X11 AND LicenseRef-public-domain", + "name": "findutils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/findutils/copyright, /var/lib/dpkg/info/findutils.md5sums, /var/lib/dpkg/info/findutils.list", + "supplier": "NOASSERTION", + "versionInfo": "4.9.0-5build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-gcc-14-base-1adead95e56feff9", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc-14-base:gcc-14-base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc-14-base:gcc_14_base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc_14_base:gcc-14-base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc_14_base:gcc_14_base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc-14:gcc-14-base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc-14:gcc_14_base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc_14:gcc-14-base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc_14:gcc_14_base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc:gcc-14-base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gcc:gcc_14_base:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gcc-14-base@14.2.0-4ubuntu2~24.04?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gcc-14", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND GFDL-1.2-only AND LicenseRef-GPL AND GPL-3.0-only AND LicenseRef-LGPL", + "name": "gcc-14-base", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gcc-14-base/copyright, /var/lib/dpkg/info/gcc-14-base:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "14.2.0-4ubuntu2~24.04" + }, + { + "SPDXID": "SPDXRef-Package-deb-gnupg-9cf40981dc0dd7b7", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg:gnupg:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gnupg@2.4.4-2ubuntu17.3?arch=all\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gnupg", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gnupg/copyright, /var/lib/dpkg/info/gnupg.md5sums, /var/lib/dpkg/info/gnupg.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gnupg-l10n-57f9b081532e3408", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg-l10n:gnupg-l10n:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg-l10n:gnupg_l10n:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg_l10n:gnupg-l10n:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg_l10n:gnupg_l10n:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg:gnupg-l10n:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg:gnupg_l10n:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gnupg-l10n@2.4.4-2ubuntu17.3?arch=all\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gnupg-l10n", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gnupg-l10n/copyright, /var/lib/dpkg/info/gnupg-l10n.md5sums, /var/lib/dpkg/info/gnupg-l10n.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gnupg-utils-bee049983812c632", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg-utils:gnupg-utils:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg-utils:gnupg_utils:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg_utils:gnupg-utils:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg_utils:gnupg_utils:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg:gnupg-utils:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gnupg:gnupg_utils:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gnupg-utils@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gnupg-utils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gnupg-utils/copyright, /var/lib/dpkg/info/gnupg-utils.md5sums, /var/lib/dpkg/info/gnupg-utils.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gpg-0aba777ff2e36270", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg:gpg:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gpg@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gpg", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gpg/copyright, /var/lib/dpkg/info/gpg.md5sums, /var/lib/dpkg/info/gpg.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gpg-agent-1a7b4d1eb6aa9512", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg-agent:gpg-agent:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg-agent:gpg_agent:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg_agent:gpg-agent:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg_agent:gpg_agent:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg:gpg-agent:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg:gpg_agent:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gpg-agent@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gpg-agent", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gpg-agent/copyright, /var/lib/dpkg/info/gpg-agent.conffiles, /var/lib/dpkg/info/gpg-agent.md5sums, /var/lib/dpkg/info/gpg-agent.list, /var/lib/dpkg/info/gpg-agent.postinst, /var/lib/dpkg/info/gpg-agent.postrm", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gpg-wks-client-0030be527c68b42a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg-wks-client:gpg-wks-client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg-wks-client:gpg_wks_client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg_wks_client:gpg-wks-client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg_wks_client:gpg_wks_client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg-wks:gpg-wks-client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg-wks:gpg_wks_client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg_wks:gpg-wks-client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg_wks:gpg_wks_client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg:gpg-wks-client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpg:gpg_wks_client:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gpg-wks-client@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gpg-wks-client", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gpg-wks-client/copyright, /var/lib/dpkg/info/gpg-wks-client.md5sums, /var/lib/dpkg/info/gpg-wks-client.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gpgconf-2dd472274ba641aa", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpgconf:gpgconf:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gpgconf@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gpgconf", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gpgconf/copyright, /var/lib/dpkg/info/gpgconf.md5sums, /var/lib/dpkg/info/gpgconf.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gpgsm-af198ea4577f9122", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpgsm:gpgsm:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gpgsm@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gpgsm", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gpgsm/copyright, /var/lib/dpkg/info/gpgsm.md5sums, /var/lib/dpkg/info/gpgsm.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-gpgv-21d76c4fb81983b3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gpgv:gpgv:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gpgv@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "gpgv", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gpgv/copyright, /var/lib/dpkg/info/gpgv.md5sums, /var/lib/dpkg/info/gpgv.list", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-grep-f0aa2fa812feea5d", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:grep:grep:3.11-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/grep@3.11-4build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-3.0-only AND GPL-3.0-or-later", + "name": "grep", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/grep/copyright, /var/lib/dpkg/info/grep.md5sums, /var/lib/dpkg/info/grep.list", + "supplier": "NOASSERTION", + "versionInfo": "3.11-4build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-gzip-6ef02dd49ce06248", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:gzip:gzip:1.12-1ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/gzip@1.12-1ubuntu3.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-FSF-manpages AND LicenseRef-GFDL-1.3--no-invariant AND LicenseRef-GFDL-3 AND GPL-3.0-only AND GPL-3.0-or-later", + "name": "gzip", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gzip/copyright, /var/lib/dpkg/info/gzip.md5sums, /var/lib/dpkg/info/gzip.list, /var/lib/dpkg/info/gzip.postinst, /var/lib/dpkg/info/gzip.preinst", + "supplier": "NOASSERTION", + "versionInfo": "1.12-1ubuntu3.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-hostname-7179d4e6330cd8fa", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:hostname:hostname:3.23\\+nmu2ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/hostname@3.23%2Bnmu2ubuntu2?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only", + "name": "hostname", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/hostname/copyright, /var/lib/dpkg/info/hostname.md5sums, /var/lib/dpkg/info/hostname.list", + "supplier": "NOASSERTION", + "versionInfo": "3.23+nmu2ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-init-system-helpers-55f477d3dcf15da3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init-system-helpers:init-system-helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init-system-helpers:init_system_helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init_system_helpers:init-system-helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init_system_helpers:init_system_helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init-system:init-system-helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init-system:init_system_helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init_system:init-system-helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init_system:init_system_helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init:init-system-helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:init:init_system_helpers:1.66ubuntu1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/init-system-helpers@1.66ubuntu1?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "init-system-helpers", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/init-system-helpers/copyright, /var/lib/dpkg/info/init-system-helpers.md5sums, /var/lib/dpkg/info/init-system-helpers.list", + "supplier": "NOASSERTION", + "versionInfo": "1.66ubuntu1" + }, + { + "SPDXID": "SPDXRef-Package-deb-jq-a3dc5610d6af081a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:jq:jq:1.7.1-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/jq@1.7.1-3ubuntu0.24.04.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC-BY-3.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND MIT", + "name": "jq", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/jq/copyright, /var/lib/dpkg/info/jq.md5sums, /var/lib/dpkg/info/jq.list", + "supplier": "NOASSERTION", + "versionInfo": "1.7.1-3ubuntu0.24.04.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-keyboxd-3f3c2a0af17fae2b", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:keyboxd:keyboxd:2.4.4-2ubuntu17.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/keyboxd@2.4.4-2ubuntu17.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnupg2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-RFC-Reference AND LicenseRef-TinySCHEME AND LicenseRef-permissive", + "name": "keyboxd", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/keyboxd/copyright, /var/lib/dpkg/info/keyboxd.md5sums, /var/lib/dpkg/info/keyboxd.list, /var/lib/dpkg/info/keyboxd.postinst, /var/lib/dpkg/info/keyboxd.postrm", + "supplier": "NOASSERTION", + "versionInfo": "2.4.4-2ubuntu17.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-krb5-locales-bd4194806dab0fb5", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:krb5-locales:krb5-locales:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:krb5-locales:krb5_locales:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:krb5_locales:krb5-locales:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:krb5_locales:krb5_locales:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:krb5:krb5-locales:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:krb5:krb5_locales:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/krb5-locales@1.20.1-6ubuntu2.6?arch=all\u0026distro=ubuntu-24.04\u0026upstream=krb5", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only", + "name": "krb5-locales", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/krb5-locales/copyright, /var/lib/dpkg/info/krb5-locales.md5sums, /var/lib/dpkg/info/krb5-locales.list", + "supplier": "NOASSERTION", + "versionInfo": "1.20.1-6ubuntu2.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libacl1-bb3fa210c4617fe7", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libacl1:libacl1:2.3.2-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libacl1@2.3.2-1build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=acl", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.0-or-later AND LGPL-2.1-only", + "name": "libacl1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libacl1/copyright, /var/lib/dpkg/info/libacl1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.3.2-1build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libapt-pkg6.0t64-13d506459809d51e", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libapt-pkg6.0t64:libapt-pkg6.0t64:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libapt-pkg6.0t64:libapt_pkg6.0t64:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libapt_pkg6.0t64:libapt-pkg6.0t64:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libapt_pkg6.0t64:libapt_pkg6.0t64:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libapt:libapt-pkg6.0t64:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libapt:libapt_pkg6.0t64:2.8.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libapt-pkg6.0t64@2.8.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=apt", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "libapt-pkg6.0t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libapt-pkg6.0t64/copyright, /var/lib/dpkg/info/libapt-pkg6.0t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.8.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-libassuan0-8e5f5ced49e7b28c", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libassuan0:libassuan0:2.5.6-1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libassuan0@2.5.6-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libassuan", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-GAP AND LicenseRef-GAP-FSF AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later", + "name": "libassuan0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libassuan0/copyright, /var/lib/dpkg/info/libassuan0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.5.6-1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libattr1-f220b53ee9e82286", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libattr1:libattr1:1\\:2.5.2-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libattr1@1%3A2.5.2-1build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=attr", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.0-or-later AND LGPL-2.1-only", + "name": "libattr1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libattr1/copyright, /var/lib/dpkg/info/libattr1:amd64.conffiles, /var/lib/dpkg/info/libattr1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1:2.5.2-1build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libaudit-common-56e423b6e9267d88", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit-common:libaudit-common:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit-common:libaudit_common:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit_common:libaudit-common:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit_common:libaudit_common:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit:libaudit-common:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit:libaudit_common:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libaudit-common@1%3A3.1.2-2.1build1.1?arch=all\u0026distro=ubuntu-24.04\u0026upstream=audit", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-1.0-only AND GPL-2.0-only AND LGPL-2.1-only", + "name": "libaudit-common", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libaudit-common/copyright, /var/lib/dpkg/info/libaudit-common.conffiles, /var/lib/dpkg/info/libaudit-common.md5sums, /var/lib/dpkg/info/libaudit-common.list", + "supplier": "NOASSERTION", + "versionInfo": "1:3.1.2-2.1build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libaudit1-e653b715519534d5", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libaudit1:libaudit1:1\\:3.1.2-2.1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libaudit1@1%3A3.1.2-2.1build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=audit", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-1.0-only AND GPL-2.0-only AND LGPL-2.1-only", + "name": "libaudit1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libaudit1/copyright, /var/lib/dpkg/info/libaudit1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1:3.1.2-2.1build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libblkid1-f15236cf9379103e", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libblkid1:libblkid1:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libblkid1@2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "libblkid1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libblkid1/copyright, /var/lib/dpkg/info/libblkid1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-libbrotli1-bf0b5dc9ecd638c2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbrotli1:libbrotli1:1.1.0-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libbrotli1@1.1.0-2build2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=brotli", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "MIT", + "name": "libbrotli1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libbrotli1/copyright, /var/lib/dpkg/info/libbrotli1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.1.0-2build2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libbsd0-b4e1114299530db5", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbsd0:libbsd0:0.12.1-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libbsd0@0.12.1-1build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libbsd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND BSD-2-Clause AND LicenseRef-BSD-2-clause-author AND LicenseRef-BSD-2-clause-verbatim AND BSD-3-Clause AND LicenseRef-BSD-3-clause-John-Birrell AND LicenseRef-BSD-3-clause-Regents AND LicenseRef-BSD-3-clause-author AND LicenseRef-BSD-5-clause-Peter-Wemm AND Beerware AND LicenseRef-Expat AND ISC AND LicenseRef-ISC-Original AND LicenseRef-public-domain", + "name": "libbsd0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libbsd0/copyright, /var/lib/dpkg/info/libbsd0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.12.1-1build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libbz2-1.0-c666aef9f22ed237", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbz2-1.0:libbz2-1.0:1.0.8-5.1build0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbz2-1.0:libbz2_1.0:1.0.8-5.1build0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbz2_1.0:libbz2-1.0:1.0.8-5.1build0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbz2_1.0:libbz2_1.0:1.0.8-5.1build0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbz2:libbz2-1.0:1.0.8-5.1build0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libbz2:libbz2_1.0:1.0.8-5.1build0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5.1build0.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=bzip2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-BSD-variant AND GPL-2.0-only", + "name": "libbz2-1.0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libbz2-1.0/copyright, /var/lib/dpkg/info/libbz2-1.0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.0.8-5.1build0.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libc-bin-42c35c4c16725be7", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc-bin:libc-bin:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc-bin:libc_bin:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc_bin:libc-bin:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc_bin:libc_bin:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc:libc-bin:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc:libc_bin:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libc-bin@2.39-0ubuntu8.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GFDL-1.3-only AND GPL-2.0-only AND LGPL-2.1-only", + "name": "libc-bin", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libc-bin/copyright, /var/lib/dpkg/info/libc-bin.conffiles, /var/lib/dpkg/info/libc-bin.md5sums, /var/lib/dpkg/info/libc-bin.list, /var/lib/dpkg/info/libc-bin.postinst, /var/lib/dpkg/info/libc-bin.triggers", + "supplier": "NOASSERTION", + "versionInfo": "2.39-0ubuntu8.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libc6-3db3e8698c7ab8e5", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libc6:libc6:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libc6@2.39-0ubuntu8.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=glibc", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GFDL-1.3-only AND GPL-2.0-only AND LGPL-2.1-only", + "name": "libc6", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libc6/copyright, /var/lib/dpkg/info/libc6:amd64.conffiles, /var/lib/dpkg/info/libc6:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.39-0ubuntu8.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libcap-ng0-43674d423f707706", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap-ng0:libcap-ng0:0.8.4-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap-ng0:libcap_ng0:0.8.4-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap_ng0:libcap-ng0:0.8.4-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap_ng0:libcap_ng0:0.8.4-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap:libcap-ng0:0.8.4-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap:libcap_ng0:0.8.4-2build2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libcap-ng0@0.8.4-2build2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libcap-ng", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "libcap-ng0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libcap-ng0/copyright, /var/lib/dpkg/info/libcap-ng0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.8.4-2build2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libcap2-69e7069bcc12bfaa", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcap2:libcap2:1\\:2.66-5ubuntu2.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libcap2@1%3A2.66-5ubuntu2.2?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "libcap2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libcap2/copyright, /var/lib/dpkg/info/libcap2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1:2.66-5ubuntu2.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libcom-err2-fb8ba7593ed05875", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcom-err2:libcom-err2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcom-err2:libcom_err2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcom_err2:libcom-err2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcom_err2:libcom_err2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcom:libcom-err2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcom:libcom_err2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libcom-err2@1.47.0-2.4~exp1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=e2fsprogs", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND Apache-2.0 AND BSD-3-Clause AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND Kazlib AND LGPL-2.0-only AND Latex2e", + "name": "libcom-err2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libcom-err2/copyright, /var/lib/dpkg/info/libcom-err2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.47.0-2.4~exp1ubuntu4.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libcrypt1-7172158587c8e198", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcrypt1:libcrypt1:1\\:4.4.36-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libcrypt1@1%3A4.4.36-4build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libxcrypt", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "LicenseRef-5a5e7ca0e9f3f9679977e3a3e9ede45ad92885a3297ea78e766979f9866c5a16", + "licenseDeclared": "NOASSERTION", + "name": "libcrypt1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libcrypt1/copyright, /var/lib/dpkg/info/libcrypt1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1:4.4.36-4build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libcurl4t64-83f0f2255ea803f0", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libcurl4t64:libcurl4t64:8.5.0-2ubuntu10.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libcurl4t64@8.5.0-2ubuntu10.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=curl", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-3-Clause AND BSD-4-Clause-UC AND FSFULLR AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-or-later AND ISC AND OLDAP-2.8 AND X11 AND curl", + "name": "libcurl4t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libcurl4t64/copyright, /var/lib/dpkg/info/libcurl4t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "8.5.0-2ubuntu10.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libdb5.3t64-cf8f897d0000aeb5", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libdb5.3t64:libdb5.3t64:5.3.28\\+dfsg2-7:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libdb5.3t64@5.3.28%2Bdfsg2-7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=db5.3", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND BSD-3-Clause AND LicenseRef-BSD-3-clause-fjord AND LicenseRef-GPL AND GPL-3.0-only AND LicenseRef-MIT-old AND MS-PL AND Sleepycat AND LicenseRef-TCL-like AND X11 AND Zlib", + "name": "libdb5.3t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libdb5.3t64/copyright, /var/lib/dpkg/info/libdb5.3t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "5.3.28+dfsg2-7" + }, + { + "SPDXID": "SPDXRef-Package-deb-libdebconfclient0-60bdcb0a15567bb2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libdebconfclient0:libdebconfclient0:0.271ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libdebconfclient0@0.271ubuntu3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cdebconf", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND BSD-2-Clause AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "libdebconfclient0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libdebconfclient0/copyright, /var/lib/dpkg/info/libdebconfclient0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.271ubuntu3" + }, + { + "SPDXID": "SPDXRef-Package-deb-libext2fs2t64-53e7d98a0dbe6336", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libext2fs2t64:libext2fs2t64:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libext2fs2t64@1.47.0-2.4~exp1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=e2fsprogs", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND Apache-2.0 AND BSD-3-Clause AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND Kazlib AND LGPL-2.0-only AND Latex2e", + "name": "libext2fs2t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libext2fs2t64/copyright, /var/lib/dpkg/info/libext2fs2t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.47.0-2.4~exp1ubuntu4.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libffi8-10f8f209c4e6c059", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libffi8:libffi8:3.4.6-1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libffi8@3.4.6-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libffi", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Expat AND LicenseRef-GPL AND GPL-2.0-or-later AND GPL-3.0-or-later AND MPL-1.1 AND X11 AND LicenseRef-public-domain", + "name": "libffi8", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libffi8/copyright, /var/lib/dpkg/info/libffi8:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.4.6-1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libgcc-s1-8e11f1cdecd937b2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcc-s1:libgcc-s1:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcc-s1:libgcc_s1:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcc_s1:libgcc-s1:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcc_s1:libgcc_s1:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcc:libgcc-s1:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcc:libgcc_s1:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libgcc-s1@14.2.0-4ubuntu2~24.04?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gcc-14", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND GFDL-1.2-only AND LicenseRef-GPL AND GPL-3.0-only AND LicenseRef-LGPL", + "name": "libgcc-s1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gcc-14-base/copyright, /var/lib/dpkg/info/libgcc-s1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "14.2.0-4ubuntu2~24.04" + }, + { + "SPDXID": "SPDXRef-Package-deb-libgcrypt20-30a91a85b60f0068", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.3-2build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libgcrypt20@1.10.3-2build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND LicenseRef-LGPL", + "name": "libgcrypt20", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libgcrypt20/copyright, /var/lib/dpkg/info/libgcrypt20:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.10.3-2build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libgmp10-29bd0be0c60b882d", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgmp10:libgmp10:2\\:6.3.0\\+dfsg-2ubuntu6.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libgmp10@2%3A6.3.0%2Bdfsg-2ubuntu6.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gmp", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later", + "name": "libgmp10", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libgmp10/copyright, /var/lib/dpkg/info/libgmp10:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2:6.3.0+dfsg-2ubuntu6.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libgnutls30t64-9536300c90fd50b2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgnutls30t64:libgnutls30t64:3.8.3-1.1ubuntu3.4:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libgnutls30t64@3.8.3-1.1ubuntu3.4?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gnutls28", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND BSD-3-Clause AND LicenseRef-CC0 AND LicenseRef-Expat AND GFDL-1.3-only AND LicenseRef-GPL AND GPL-3.0-only AND LicenseRef-GPLv3- AND LicenseRef-LGPL AND LGPL-3.0-only AND LicenseRef-LGPLv2.1- AND LicenseRef-LGPLv3--or-GPLv2- AND LicenseRef-The", + "name": "libgnutls30t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libgnutls30t64/copyright, /var/lib/dpkg/info/libgnutls30t64:amd64.conffiles, /var/lib/dpkg/info/libgnutls30t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.8.3-1.1ubuntu3.4" + }, + { + "SPDXID": "SPDXRef-Package-deb-libgpg-error0-efbbad5e3c6a8959", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgpg-error0:libgpg-error0:1.47-3build2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgpg-error0:libgpg_error0:1.47-3build2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgpg_error0:libgpg-error0:1.47-3build2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgpg_error0:libgpg_error0:1.47-3build2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgpg:libgpg-error0:1.47-3build2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgpg:libgpg_error0:1.47-3build2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libgpg-error0@1.47-3build2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libgpg-error", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-g10-permissive", + "name": "libgpg-error0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libgpg-error0/copyright, /var/lib/dpkg/info/libgpg-error0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.47-3build2.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libgssapi-krb5-2-969bf6cc3ae38f50", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi-krb5-2:libgssapi-krb5-2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi-krb5-2:libgssapi_krb5_2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi_krb5_2:libgssapi-krb5-2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi_krb5_2:libgssapi_krb5_2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi-krb5:libgssapi-krb5-2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi-krb5:libgssapi_krb5_2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi_krb5:libgssapi-krb5-2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi_krb5:libgssapi_krb5_2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi:libgssapi-krb5-2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libgssapi:libgssapi_krb5_2:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libgssapi-krb5-2@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only", + "name": "libgssapi-krb5-2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libgssapi-krb5-2/copyright, /var/lib/dpkg/info/libgssapi-krb5-2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.20.1-6ubuntu2.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libhogweed6t64-c722c6f50cc79f5c", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libhogweed6t64:libhogweed6t64:3.9.1-2.2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libhogweed6t64@3.9.1-2.2build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=nettle", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Expat AND LicenseRef-GAP AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-3.0-or-later AND LicenseRef-public-domain", + "name": "libhogweed6t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libhogweed6t64/copyright, /var/lib/dpkg/info/libhogweed6t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.9.1-2.2build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libidn2-0-63f5d592d570cb05", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libidn2-0:libidn2-0:2.3.7-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libidn2-0:libidn2_0:2.3.7-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libidn2_0:libidn2-0:2.3.7-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libidn2_0:libidn2_0:2.3.7-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libidn2:libidn2-0:2.3.7-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libidn2:libidn2_0:2.3.7-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libidn2-0@2.3.7-2build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libidn2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-Unicode", + "name": "libidn2-0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libidn2-0/copyright, /var/lib/dpkg/info/libidn2-0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.3.7-2build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libjq1-654c8436ec8d155a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libjq1:libjq1:1.7.1-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libjq1@1.7.1-3ubuntu0.24.04.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=jq", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC-BY-3.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND MIT", + "name": "libjq1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libjq1/copyright, /var/lib/dpkg/info/libjq1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.7.1-3ubuntu0.24.04.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libk5crypto3-edcbf456749be91c", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libk5crypto3:libk5crypto3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libk5crypto3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only", + "name": "libk5crypto3", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libk5crypto3/copyright, /var/lib/dpkg/info/libk5crypto3:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.20.1-6ubuntu2.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libkeyutils1-215205ffd55438a3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkeyutils1:libkeyutils1:1.6.3-3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libkeyutils1@1.6.3-3build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=keyutils", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later", + "name": "libkeyutils1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libkeyutils1/copyright, /var/lib/dpkg/info/libkeyutils1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.6.3-3build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libkmod2-3b347aca17c8940d", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkmod2:libkmod2:31\\+20240202-2ubuntu7.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libkmod2@31%2B20240202-2ubuntu7.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=kmod", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "libkmod2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libkmod2/copyright, /var/lib/dpkg/info/libkmod2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "31+20240202-2ubuntu7.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libkrb5-3-c724245069d911ce", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5-3:libkrb5-3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5-3:libkrb5_3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5_3:libkrb5-3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5_3:libkrb5_3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5:libkrb5-3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5:libkrb5_3:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libkrb5-3@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only", + "name": "libkrb5-3", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libkrb5-3/copyright, /var/lib/dpkg/info/libkrb5-3:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.20.1-6ubuntu2.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libkrb5support0-0763a05c0850fbda", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libkrb5support0:libkrb5support0:1.20.1-6ubuntu2.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libkrb5support0@1.20.1-6ubuntu2.6?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=krb5", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only", + "name": "libkrb5support0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libkrb5support0/copyright, /var/lib/dpkg/info/libkrb5support0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.20.1-6ubuntu2.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-libksba8-c814f748c2466e73", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libksba8:libksba8:1.6.6-1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libksba8@1.6.6-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libksba", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "FSFUL AND GPL-3.0-only AND LGPL-2.1-or-later", + "name": "libksba8", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libksba8/copyright, /var/lib/dpkg/info/libksba8:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.6.6-1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libldap-common-de5d444e197833e3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap-common:libldap-common:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap-common:libldap_common:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap_common:libldap-common:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap_common:libldap_common:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap:libldap-common:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap:libldap_common:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libldap-common@2.6.7%2Bdfsg-1~exp1ubuntu8.2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=openldap", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-BSD-3-clause-California AND LicenseRef-BSD-3-clause-variant AND LicenseRef-BSD-4-clause-California AND Beerware AND LicenseRef-Expat AND LicenseRef-Expat-ISC AND LicenseRef-Expat-UNM AND LicenseRef-F5 AND LicenseRef-FSF-unlimited AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-JCG AND LicenseRef-MIT-XC AND LicenseRef-NeoSoft-permissive AND LicenseRef-OpenLDAP-2.8 AND LicenseRef-UMich AND LicenseRef-public-domain", + "name": "libldap-common", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libldap-common/copyright, /var/lib/dpkg/info/libldap-common.conffiles, /var/lib/dpkg/info/libldap-common.md5sums, /var/lib/dpkg/info/libldap-common.list", + "supplier": "NOASSERTION", + "versionInfo": "2.6.7+dfsg-1~exp1ubuntu8.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libldap2-01151935dbb3bc27", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libldap2:libldap2:2.6.7\\+dfsg-1\\~exp1ubuntu8.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libldap2@2.6.7%2Bdfsg-1~exp1ubuntu8.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openldap", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-BSD-3-clause-California AND LicenseRef-BSD-3-clause-variant AND LicenseRef-BSD-4-clause-California AND Beerware AND LicenseRef-Expat AND LicenseRef-Expat-ISC AND LicenseRef-Expat-UNM AND LicenseRef-F5 AND LicenseRef-FSF-unlimited AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-JCG AND LicenseRef-MIT-XC AND LicenseRef-NeoSoft-permissive AND LicenseRef-OpenLDAP-2.8 AND LicenseRef-UMich AND LicenseRef-public-domain", + "name": "libldap2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libldap2/copyright, /var/lib/dpkg/info/libldap2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.6.7+dfsg-1~exp1ubuntu8.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-liblz4-1-6e784e6498f9f850", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblz4-1:liblz4-1:1.9.4-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblz4-1:liblz4_1:1.9.4-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblz4_1:liblz4-1:1.9.4-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblz4_1:liblz4_1:1.9.4-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblz4:liblz4-1:1.9.4-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblz4:liblz4_1:1.9.4-1build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/liblz4-1@1.9.4-1build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=lz4", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "liblz4-1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/liblz4-1/copyright, /var/lib/dpkg/info/liblz4-1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.9.4-1build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-liblzma5-993af967e1703550", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:liblzma5:liblzma5:5.6.1\\+really5.4.5-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/liblzma5@5.6.1%2Breally5.4.5-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=xz-utils", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Autoconf AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-PD AND LicenseRef-PD-debian AND LicenseRef-config-h AND LicenseRef-noderivs AND LicenseRef-permissive-fsf AND LicenseRef-permissive-nowarranty AND LicenseRef-probably-PD", + "name": "liblzma5", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/liblzma5/copyright, /var/lib/dpkg/info/liblzma5:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "5.6.1+really5.4.5-1ubuntu0.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libmd0-06315b75244db9d9", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libmd0:libmd0:1.1.0-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libmd0@1.1.0-2build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libmd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND BSD-2-Clause AND BSD-3-Clause AND LicenseRef-BSD-3-clause-Aaron-D-Gifford AND Beerware AND ISC AND LicenseRef-public-domain-md4 AND LicenseRef-public-domain-md5 AND LicenseRef-public-domain-sha1", + "name": "libmd0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libmd0/copyright, /var/lib/dpkg/info/libmd0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.1.0-2build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libmount1-3d9e8c3569192da0", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libmount1:libmount1:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libmount1@2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "libmount1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libmount1/copyright, /var/lib/dpkg/info/libmount1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-libncursesw6-18ce0375cc5bec3f", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libncursesw6:libncursesw6:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libncursesw6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-MIT-X11 AND X11", + "name": "libncursesw6", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libtinfo6/copyright, /var/lib/dpkg/info/libncursesw6:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "6.4+20240113-1ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libnettle8t64-d88cbda49b1ae309", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnettle8t64:libnettle8t64:3.9.1-2.2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libnettle8t64@3.9.1-2.2build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=nettle", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Expat AND LicenseRef-GAP AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-3.0-or-later AND LicenseRef-public-domain", + "name": "libnettle8t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libnettle8t64/copyright, /var/lib/dpkg/info/libnettle8t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.9.1-2.2build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libnghttp2-14-b0cb99f4a02e3240", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnghttp2-14:libnghttp2-14:1.59.0-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnghttp2-14:libnghttp2_14:1.59.0-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnghttp2_14:libnghttp2-14:1.59.0-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnghttp2_14:libnghttp2_14:1.59.0-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnghttp2:libnghttp2-14:1.59.0-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnghttp2:libnghttp2_14:1.59.0-1ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libnghttp2-14@1.59.0-1ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=nghttp2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND LicenseRef-Expat AND GPL-3.0-only AND GPL-3.0-or-later AND MIT AND LicenseRef-all-permissive", + "name": "libnghttp2-14", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libnghttp2-14/copyright, /var/lib/dpkg/info/libnghttp2-14:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.59.0-1ubuntu0.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libnpth0t64-1d0c9c323ca55261", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libnpth0t64:libnpth0t64:1.6-3.1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libnpth0t64@1.6-3.1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=npth", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "libnpth0t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libnpth0t64/copyright, /var/lib/dpkg/info/libnpth0t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.6-3.1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libonig5-c759ee0b7800206d", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libonig5:libonig5:6.9.9-1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libonig5@6.9.9-1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libonig", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "libonig5", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libonig5/copyright, /var/lib/dpkg/info/libonig5:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "6.9.9-1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libp11-kit0-0ff6c45a645ef14b", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libp11-kit0:libp11-kit0:0.25.3-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libp11-kit0:libp11_kit0:0.25.3-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libp11_kit0:libp11-kit0:0.25.3-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libp11_kit0:libp11_kit0:0.25.3-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libp11:libp11-kit0:0.25.3-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libp11:libp11_kit0:0.25.3-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libp11-kit0@0.25.3-4ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=p11-kit", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND BSD-3-Clause AND FSFAP AND FSFULLR AND GPL-2.0-or-later AND GPL-3.0-or-later AND ISC AND LGPL-2.1-only AND LGPL-2.1-or-later AND X11 AND LicenseRef-customFSFUL AND LicenseRef-customFSFULLRWD", + "name": "libp11-kit0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libp11-kit0/copyright, /var/lib/dpkg/info/libp11-kit0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.25.3-4ubuntu2.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libpam-modules-8f4cf9baab26d4f0", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-modules:libpam-modules:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-modules:libpam_modules:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_modules:libpam-modules:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_modules:libpam_modules:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam:libpam-modules:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam:libpam_modules:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libpam-modules@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-BSD-tcp-wrappers AND Beerware AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LicenseRef-public-domain", + "name": "libpam-modules", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libpam-modules/copyright, /var/lib/dpkg/info/libpam-modules:amd64.conffiles, /var/lib/dpkg/info/libpam-modules:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.5.3-5ubuntu5.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libpam-modules-bin-c322cb2c91836caa", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-modules-bin:libpam-modules-bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-modules-bin:libpam_modules_bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_modules_bin:libpam-modules-bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_modules_bin:libpam_modules_bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-modules:libpam-modules-bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-modules:libpam_modules_bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_modules:libpam-modules-bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_modules:libpam_modules_bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam:libpam-modules-bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam:libpam_modules_bin:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libpam-modules-bin@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-BSD-tcp-wrappers AND Beerware AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LicenseRef-public-domain", + "name": "libpam-modules-bin", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libpam-modules-bin/copyright, /var/lib/dpkg/info/libpam-modules-bin.md5sums, /var/lib/dpkg/info/libpam-modules-bin.list, /var/lib/dpkg/info/libpam-modules-bin.postinst, /var/lib/dpkg/info/libpam-modules-bin.postrm, /var/lib/dpkg/info/libpam-modules-bin.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1.5.3-5ubuntu5.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libpam-runtime-d04a485a523784c8", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-runtime:libpam-runtime:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam-runtime:libpam_runtime:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_runtime:libpam-runtime:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam_runtime:libpam_runtime:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam:libpam-runtime:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam:libpam_runtime:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libpam-runtime@1.5.3-5ubuntu5.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=pam", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-BSD-tcp-wrappers AND Beerware AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LicenseRef-public-domain", + "name": "libpam-runtime", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libpam-runtime/copyright, /var/lib/dpkg/info/libpam-runtime.conffiles, /var/lib/dpkg/info/libpam-runtime.md5sums, /var/lib/dpkg/info/libpam-runtime.list, /var/lib/dpkg/info/libpam-runtime.postinst, /var/lib/dpkg/info/libpam-runtime.postrm, /var/lib/dpkg/info/libpam-runtime.prerm, /var/lib/dpkg/info/libpam-runtime.templates", + "supplier": "NOASSERTION", + "versionInfo": "1.5.3-5ubuntu5.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libpam0g-9aa31bc48b99a584", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpam0g:libpam0g:1.5.3-5ubuntu5.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libpam0g@1.5.3-5ubuntu5.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pam", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-BSD-tcp-wrappers AND Beerware AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LicenseRef-public-domain", + "name": "libpam0g", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libpam0g/copyright, /var/lib/dpkg/info/libpam0g:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.5.3-5ubuntu5.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libpcre2-8-0-af95be31c1ad9110", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2-8-0:libpcre2-8-0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2-8-0:libpcre2_8_0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2_8_0:libpcre2-8-0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2_8_0:libpcre2_8_0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2-8:libpcre2-8-0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2-8:libpcre2_8_0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2_8:libpcre2-8-0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2_8:libpcre2_8_0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2:libpcre2-8-0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpcre2:libpcre2_8_0:10.42-4ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libpcre2-8-0@10.42-4ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pcre2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND BSD-3-Clause AND LicenseRef-BSD-3-clause-Cambridge AND X11 AND LicenseRef-public-domain", + "name": "libpcre2-8-0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libpcre2-8-0/copyright, /var/lib/dpkg/info/libpcre2-8-0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "10.42-4ubuntu2.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libproc2-0-8d56c9067034ebc8", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libproc2-0:libproc2-0:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libproc2-0:libproc2_0:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libproc2_0:libproc2-0:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libproc2_0:libproc2_0:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libproc2:libproc2-0:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libproc2:libproc2_0:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libproc2-0@2%3A4.0.4-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=procps", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "libproc2-0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libproc2-0/copyright, /var/lib/dpkg/info/libproc2-0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2:4.0.4-4ubuntu3.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libpsl5t64-73ae8411461ffd84", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libpsl5t64:libpsl5t64:0.21.2-1.1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libpsl5t64@0.21.2-1.1build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libpsl", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Chromium AND MIT AND LicenseRef-gnulib", + "name": "libpsl5t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libpsl5t64/copyright, /var/lib/dpkg/info/libpsl5t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.21.2-1.1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libreadline8t64-6eb286d41d2bfb01", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libreadline8t64:libreadline8t64:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libreadline8t64@8.2-4build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=readline", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-GFDL AND LicenseRef-GFDL-NIV-1.3- AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-ISC-no-attribution", + "name": "libreadline8t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libreadline8t64/copyright, /var/lib/dpkg/info/libreadline8t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "8.2-4build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-librtmp1-81955549e95a42d3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:librtmp1:librtmp1:2.4\\+20151223.gitfa8646d.1-2build7:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/librtmp1@2.4%2B20151223.gitfa8646d.1-2build7?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=rtmpdump", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND LGPL-2.1-only", + "name": "librtmp1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/librtmp1/copyright, /var/lib/dpkg/info/librtmp1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.4+20151223.gitfa8646d.1-2build7" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsasl2-2-c63c50e09a049480", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-2:libsasl2-2:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-2:libsasl2_2:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_2:libsasl2-2:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_2:libsasl2_2:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2:libsasl2-2:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2:libsasl2_2:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsasl2-2@2.1.28%2Bdfsg1-5ubuntu3.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cyrus-sasl2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND LicenseRef-BSD-2.2-clause AND BSD-3-Clause-Attribution AND BSD-3-Clause AND LicenseRef-BSD-3-clause-JANET AND LicenseRef-BSD-3-clause-PADL AND BSD-4-Clause-UC AND FSFULLR AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-IBM-as-is AND MIT-CMU AND LicenseRef-MIT-Export AND LicenseRef-MIT-OpenVision AND LicenseRef-OpenLDAP AND RSA-MD", + "name": "libsasl2-2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsasl2-2/copyright, /var/lib/dpkg/info/libsasl2-2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.1.28+dfsg1-5ubuntu3.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsasl2-modules-eb9654976cb9d0e2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-modules:libsasl2-modules:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-modules:libsasl2_modules:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_modules:libsasl2-modules:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_modules:libsasl2_modules:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2:libsasl2-modules:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2:libsasl2_modules:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsasl2-modules@2.1.28%2Bdfsg1-5ubuntu3.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cyrus-sasl2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND LicenseRef-BSD-2.2-clause AND BSD-3-Clause-Attribution AND BSD-3-Clause AND LicenseRef-BSD-3-clause-JANET AND LicenseRef-BSD-3-clause-PADL AND BSD-4-Clause-UC AND FSFULLR AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-IBM-as-is AND MIT-CMU AND LicenseRef-MIT-Export AND LicenseRef-MIT-OpenVision AND LicenseRef-OpenLDAP AND RSA-MD", + "name": "libsasl2-modules", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsasl2-modules/copyright, /var/lib/dpkg/info/libsasl2-modules:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.1.28+dfsg1-5ubuntu3.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsasl2-modules-db-cd1ded1d948407f7", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-modules-db:libsasl2-modules-db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-modules-db:libsasl2_modules_db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_modules_db:libsasl2-modules-db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_modules_db:libsasl2_modules_db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-modules:libsasl2-modules-db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2-modules:libsasl2_modules_db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_modules:libsasl2-modules-db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2_modules:libsasl2_modules_db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2:libsasl2-modules-db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsasl2:libsasl2_modules_db:2.1.28\\+dfsg1-5ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsasl2-modules-db@2.1.28%2Bdfsg1-5ubuntu3.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=cyrus-sasl2", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND LicenseRef-BSD-2.2-clause AND BSD-3-Clause-Attribution AND BSD-3-Clause AND LicenseRef-BSD-3-clause-JANET AND LicenseRef-BSD-3-clause-PADL AND BSD-4-Clause-UC AND FSFULLR AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-IBM-as-is AND MIT-CMU AND LicenseRef-MIT-Export AND LicenseRef-MIT-OpenVision AND LicenseRef-OpenLDAP AND RSA-MD", + "name": "libsasl2-modules-db", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsasl2-modules-db/copyright, /var/lib/dpkg/info/libsasl2-modules-db:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.1.28+dfsg1-5ubuntu3.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libseccomp2-3ba2629eadb8e304", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libseccomp2:libseccomp2:2.5.5-1ubuntu3.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libseccomp2@2.5.5-1ubuntu3.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libseccomp", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LGPL-2.1-only", + "name": "libseccomp2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libseccomp2/copyright, /var/lib/dpkg/info/libseccomp2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.5.5-1ubuntu3.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libselinux1-cb2b78b10156ba3f", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libselinux1:libselinux1:3.5-2ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libselinux1@3.5-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libselinux", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND LicenseRef-public-domain", + "name": "libselinux1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libselinux1/copyright, /var/lib/dpkg/info/libselinux1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.5-2ubuntu2.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsemanage-common-d1402e013c1e2f83", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage-common:libsemanage-common:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage-common:libsemanage_common:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage_common:libsemanage-common:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage_common:libsemanage_common:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage:libsemanage-common:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage:libsemanage_common:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsemanage-common@3.5-1build5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=libsemanage", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "libsemanage-common", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsemanage-common/copyright, /var/lib/dpkg/info/libsemanage-common.conffiles, /var/lib/dpkg/info/libsemanage-common.md5sums, /var/lib/dpkg/info/libsemanage-common.list", + "supplier": "NOASSERTION", + "versionInfo": "3.5-1build5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsemanage2-e0cbcfc82f8353e2", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsemanage2:libsemanage2:3.5-1build5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsemanage2@3.5-1build5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libsemanage", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "libsemanage2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsemanage2/copyright, /var/lib/dpkg/info/libsemanage2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.5-1build5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsepol2-15a811c4d04d7867", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsepol2:libsepol2:3.5-2build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsepol2@3.5-2build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libsepol", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND Zlib", + "name": "libsepol2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsepol2/copyright, /var/lib/dpkg/info/libsepol2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.5-2build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsmartcols1-3bb3f9371c052b11", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsmartcols1:libsmartcols1:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsmartcols1@2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "libsmartcols1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsmartcols1/copyright, /var/lib/dpkg/info/libsmartcols1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsqlite3-0-200ea9e4747ef477", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsqlite3-0:libsqlite3-0:3.45.1-1ubuntu2.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsqlite3-0:libsqlite3_0:3.45.1-1ubuntu2.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsqlite3_0:libsqlite3-0:3.45.1-1ubuntu2.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsqlite3_0:libsqlite3_0:3.45.1-1ubuntu2.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsqlite3:libsqlite3-0:3.45.1-1ubuntu2.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsqlite3:libsqlite3_0:3.45.1-1ubuntu2.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsqlite3-0@3.45.1-1ubuntu2.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=sqlite3", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-public-domain", + "name": "libsqlite3-0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsqlite3-0/copyright, /var/lib/dpkg/info/libsqlite3-0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.45.1-1ubuntu2.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libss2-15654eba4be88b15", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libss2:libss2:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libss2@1.47.0-2.4~exp1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=e2fsprogs", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND Apache-2.0 AND BSD-3-Clause AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND Kazlib AND LGPL-2.0-only AND Latex2e", + "name": "libss2", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libss2/copyright, /var/lib/dpkg/info/libss2:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.47.0-2.4~exp1ubuntu4.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libssh-4-cb7686798bdc7c22", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssh-4:libssh-4:0.10.6-2ubuntu0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssh-4:libssh_4:0.10.6-2ubuntu0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssh_4:libssh-4:0.10.6-2ubuntu0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssh_4:libssh_4:0.10.6-2ubuntu0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssh:libssh-4:0.10.6-2ubuntu0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssh:libssh_4:0.10.6-2ubuntu0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libssh-4@0.10.6-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libssh", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND BSD-3-Clause AND LGPL-2.1-only AND LicenseRef-LGPL-2.1--OpenSSL AND LicenseRef-public-domain", + "name": "libssh-4", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libssh-4/copyright, /var/lib/dpkg/info/libssh-4:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.10.6-2ubuntu0.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libssl3t64-3fa99985607561a6", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libssl3t64:libssl3t64:3.0.13-0ubuntu3.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libssl3t64@3.0.13-0ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=openssl", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND LicenseRef-Artistic AND GPL-1.0-only AND GPL-1.0-or-later", + "name": "libssl3t64", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libssl3t64/copyright, /var/lib/dpkg/info/libssl3t64:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "3.0.13-0ubuntu3.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-libstdc--6-78c7c4007f70098c", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libstdc\\+\\+6:libstdc\\+\\+6:14.2.0-4ubuntu2\\~24.04:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libstdc%2B%2B6@14.2.0-4ubuntu2~24.04?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=gcc-14", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND GFDL-1.2-only AND LicenseRef-GPL AND GPL-3.0-only AND LicenseRef-LGPL", + "name": "libstdc++6", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/gcc-14-base/copyright, /var/lib/dpkg/info/libstdc++6:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "14.2.0-4ubuntu2~24.04" + }, + { + "SPDXID": "SPDXRef-Package-deb-libsystemd0-a025a5b1cdd58c85", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libsystemd0:libsystemd0:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libsystemd0@255.4-1ubuntu8.10?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-public-domain", + "name": "libsystemd0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libsystemd0/copyright, /var/lib/dpkg/info/libsystemd0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "255.4-1ubuntu8.10" + }, + { + "SPDXID": "SPDXRef-Package-deb-libtasn1-6-23f55ffb85c8620a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtasn1-6:libtasn1-6:4.19.0-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtasn1-6:libtasn1_6:4.19.0-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtasn1_6:libtasn1-6:4.19.0-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtasn1_6:libtasn1_6:4.19.0-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtasn1:libtasn1-6:4.19.0-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtasn1:libtasn1_6:4.19.0-3ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libtasn1-6@4.19.0-3ubuntu0.24.04.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GFDL-1.3-only AND GPL-3.0-only AND LicenseRef-LGPL AND LGPL-2.1-only", + "name": "libtasn1-6", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libtasn1-6/copyright, /var/lib/dpkg/info/libtasn1-6:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "4.19.0-3ubuntu0.24.04.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libtinfo6-9d92803c72cb7a13", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libtinfo6:libtinfo6:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libtinfo6@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-MIT-X11 AND X11", + "name": "libtinfo6", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libtinfo6/copyright, /var/lib/dpkg/info/libtinfo6:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "6.4+20240113-1ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-libudev1-c181254fb5d4b2fa", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libudev1:libudev1:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libudev1@255.4-1ubuntu8.10?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-public-domain", + "name": "libudev1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libudev1/copyright, /var/lib/dpkg/info/libudev1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "255.4-1ubuntu8.10" + }, + { + "SPDXID": "SPDXRef-Package-deb-libunistring5-b1cbbe8a14a0e24e", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libunistring5:libunistring5:1.1-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libunistring5@1.1-2build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libunistring", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-FreeSoftware AND GFDL-1.2-only AND LicenseRef-GFDL-NIV-1.2- AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND X11", + "name": "libunistring5", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libunistring5/copyright, /var/lib/dpkg/info/libunistring5:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.1-2build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libuuid1-240541a67de3e356", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libuuid1:libuuid1:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libuuid1@2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "libuuid1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libuuid1/copyright, /var/lib/dpkg/info/libuuid1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-libxxhash0-90eda777e40786d4", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libxxhash0:libxxhash0:0.8.2-2build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libxxhash0@0.8.2-2build1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=xxhash", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND GPL-2.0-only AND GPL-2.0-or-later", + "name": "libxxhash0", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libxxhash0/copyright, /var/lib/dpkg/info/libxxhash0:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "0.8.2-2build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-libzstd1-b3a5617e30ccb6d4", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:libzstd1:libzstd1:1.5.5\\+dfsg2-2build1.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/libzstd1@1.5.5%2Bdfsg2-2build1.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=libzstd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-Expat AND GPL-2.0-only AND Zlib", + "name": "libzstd1", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/libzstd1/copyright, /var/lib/dpkg/info/libzstd1:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1.5.5+dfsg2-2build1.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-locales-f3b7a612072ebd9e", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:locales:locales:2.39-0ubuntu8.6:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/locales@2.39-0ubuntu8.6?arch=all\u0026distro=ubuntu-24.04\u0026upstream=glibc", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GFDL-1.3-only AND GPL-2.0-only AND LGPL-2.1-only", + "name": "locales", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/locales/copyright, /var/lib/dpkg/info/locales.conffiles, /var/lib/dpkg/info/locales.md5sums, /var/lib/dpkg/info/locales.config, /var/lib/dpkg/info/locales.list, /var/lib/dpkg/info/locales.postinst, /var/lib/dpkg/info/locales.postrm, /var/lib/dpkg/info/locales.prerm, /var/lib/dpkg/info/locales.templates", + "supplier": "NOASSERTION", + "versionInfo": "2.39-0ubuntu8.6" + }, + { + "SPDXID": "SPDXRef-Package-deb-login-271cbc4b0386e5d1", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:login:login:1\\:4.13\\+dfsg1-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/login@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND GPL-1.0-only AND GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-public-domain", + "name": "login", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/login/copyright, /var/lib/dpkg/info/login.conffiles, /var/lib/dpkg/info/login.md5sums, /var/lib/dpkg/info/login.list, /var/lib/dpkg/info/login.postinst, /var/lib/dpkg/info/login.postrm, /var/lib/dpkg/info/login.preinst, /var/lib/dpkg/info/login.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1:4.13+dfsg1-4ubuntu3.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-logsave-7e5b554baa7836b3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:logsave:logsave:1.47.0-2.4\\~exp1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/logsave@1.47.0-2.4~exp1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=e2fsprogs", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Apache-2.0 AND Apache-2.0 AND BSD-3-Clause AND LicenseRef-GPL AND GPL-2.0-only AND GPL-2.0-or-later AND ISC AND Kazlib AND LGPL-2.0-only AND Latex2e", + "name": "logsave", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/logsave/copyright, /var/lib/dpkg/info/logsave.md5sums, /var/lib/dpkg/info/logsave.list", + "supplier": "NOASSERTION", + "versionInfo": "1.47.0-2.4~exp1ubuntu4.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-mawk-dda5c0b33cc2d2b1", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:mawk:mawk:1.3.4.20240123-1build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/mawk@1.3.4.20240123-1build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC-BY-3.0 AND GPL-2.0-only AND GPL-2.0-only AND X11", + "name": "mawk", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/mawk/copyright, /var/lib/dpkg/info/mawk.md5sums, /var/lib/dpkg/info/mawk.list, /var/lib/dpkg/info/mawk.postinst, /var/lib/dpkg/info/mawk.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1.3.4.20240123-1build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-mount-19d69b20b964122f", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:mount:mount:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/mount@2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=util-linux", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "mount", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/mount/copyright, /var/lib/dpkg/info/mount.md5sums, /var/lib/dpkg/info/mount.list", + "supplier": "NOASSERTION", + "versionInfo": "2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-ncurses-base-9ce712b33a96bea6", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses-base:ncurses-base:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses-base:ncurses_base:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses_base:ncurses-base:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses_base:ncurses_base:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses:ncurses-base:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses:ncurses_base:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/ncurses-base@6.4%2B20240113-1ubuntu2?arch=all\u0026distro=ubuntu-24.04\u0026upstream=ncurses", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-MIT-X11 AND X11", + "name": "ncurses-base", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/ncurses-base/copyright, /var/lib/dpkg/info/ncurses-base.conffiles, /var/lib/dpkg/info/ncurses-base.md5sums, /var/lib/dpkg/info/ncurses-base.list", + "supplier": "NOASSERTION", + "versionInfo": "6.4+20240113-1ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-ncurses-bin-e94839bb1b1744f0", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses-bin:ncurses-bin:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses-bin:ncurses_bin:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses_bin:ncurses-bin:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses_bin:ncurses_bin:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses:ncurses-bin:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ncurses:ncurses_bin:6.4\\+20240113-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/ncurses-bin@6.4%2B20240113-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=ncurses", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND LicenseRef-MIT-X11 AND X11", + "name": "ncurses-bin", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/ncurses-bin/copyright, /var/lib/dpkg/info/ncurses-bin.md5sums, /var/lib/dpkg/info/ncurses-bin.list", + "supplier": "NOASSERTION", + "versionInfo": "6.4+20240113-1ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-netcat-openbsd-7431acd9b45ff385", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:netcat-openbsd:netcat-openbsd:1.226-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:netcat-openbsd:netcat_openbsd:1.226-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:netcat_openbsd:netcat-openbsd:1.226-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:netcat_openbsd:netcat_openbsd:1.226-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:netcat:netcat-openbsd:1.226-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:netcat:netcat_openbsd:1.226-1ubuntu2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/netcat-openbsd@1.226-1ubuntu2?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-2-Clause AND BSD-3-Clause", + "name": "netcat-openbsd", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/netcat-openbsd/copyright, /var/lib/dpkg/info/netcat-openbsd.md5sums, /var/lib/dpkg/info/netcat-openbsd.list, /var/lib/dpkg/info/netcat-openbsd.postinst, /var/lib/dpkg/info/netcat-openbsd.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1.226-1ubuntu2" + }, + { + "SPDXID": "SPDXRef-Package-deb-openssl-160cda8712132e3e", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:openssl:openssl:3.0.13-0ubuntu3.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.5?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "NOASSERTION", + "name": "openssl", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /var/lib/dpkg/info/openssl.conffiles, /var/lib/dpkg/info/openssl.md5sums, /var/lib/dpkg/info/openssl.list, /var/lib/dpkg/info/openssl.postinst", + "supplier": "NOASSERTION", + "versionInfo": "3.0.13-0ubuntu3.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-passwd-12ce9c7a4baa2c69", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:passwd:passwd:1\\:4.13\\+dfsg1-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/passwd@1%3A4.13%2Bdfsg1-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=shadow", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND GPL-1.0-only AND GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-public-domain", + "name": "passwd", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/passwd/copyright, /var/lib/dpkg/info/passwd.conffiles, /var/lib/dpkg/info/passwd.md5sums, /var/lib/dpkg/info/passwd.list, /var/lib/dpkg/info/passwd.postinst, /var/lib/dpkg/info/passwd.postrm, /var/lib/dpkg/info/passwd.preinst, /var/lib/dpkg/info/passwd.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1:4.13+dfsg1-4ubuntu3.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-perl-base-96699ee758f1e615", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:perl-base:perl-base:5.38.2-3.2ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:perl-base:perl_base:5.38.2-3.2ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:perl_base:perl-base:5.38.2-3.2ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:perl_base:perl_base:5.38.2-3.2ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:perl:perl-base:5.38.2-3.2ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:perl:perl_base:5.38.2-3.2ubuntu0.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/perl-base@5.38.2-3.2ubuntu0.2?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=perl", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-Artistic AND Artistic-2.0 AND LicenseRef-Artistic-dist AND BSD-3-Clause AND LicenseRef-BSD-3-clause-GENERIC AND LicenseRef-BSD-3-clause-with-weird-numbering AND LicenseRef-BSD-4-clause-POWERDOG AND LicenseRef-BZIP AND LicenseRef-DONT-CHANGE-THE-GPL AND LicenseRef-Expat AND FSFAP AND GPL-1.0-only AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-GPL-3--WITH-BISON-EXCEPTION AND LGPL-2.1-only AND LicenseRef-REGCOMP AND LicenseRef-REGCOMP- AND LicenseRef-SDBM-PUBLIC-DOMAIN AND LicenseRef-TEXT-TABS AND LicenseRef-Unicode AND Zlib", + "name": "perl-base", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/perl-base/copyright, /var/lib/dpkg/info/perl-base.md5sums, /var/lib/dpkg/info/perl-base.list, /var/lib/dpkg/info/perl-base.postinst, /var/lib/dpkg/info/perl-base.postrm, /var/lib/dpkg/info/perl-base.preinst, /var/lib/dpkg/info/perl-base.prerm", + "supplier": "NOASSERTION", + "versionInfo": "5.38.2-3.2ubuntu0.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-pinentry-curses-5b735ef7ce088c1b", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:pinentry-curses:pinentry-curses:1.2.1-3ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:pinentry-curses:pinentry_curses:1.2.1-3ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:pinentry_curses:pinentry-curses:1.2.1-3ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:pinentry_curses:pinentry_curses:1.2.1-3ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:pinentry:pinentry-curses:1.2.1-3ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:pinentry:pinentry_curses:1.2.1-3ubuntu5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/pinentry-curses@1.2.1-3ubuntu5?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=pinentry", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND X11", + "name": "pinentry-curses", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/pinentry-curses/copyright, /var/lib/dpkg/info/pinentry-curses.md5sums, /var/lib/dpkg/info/pinentry-curses.list, /var/lib/dpkg/info/pinentry-curses.postinst, /var/lib/dpkg/info/pinentry-curses.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1.2.1-3ubuntu5" + }, + { + "SPDXID": "SPDXRef-Package-deb-plexmediaserver-e1c5e29307b26db9", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:plexmediaserver:plexmediaserver:1.42.2.10156-f737b826c:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/plexmediaserver@1.42.2.10156-f737b826c?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "LicenseRef-deb63e9854058ba7c6bd843d432c7302d52070db6a7d740d309601b228d737c0", + "licenseDeclared": "NOASSERTION", + "name": "plexmediaserver", + "originator": "Person: Plex Inc (noreply@plex.tv)", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/plexmediaserver/copyright, /var/lib/dpkg/info/plexmediaserver.md5sums, /var/lib/dpkg/info/plexmediaserver.list, /var/lib/dpkg/info/plexmediaserver.postinst, /var/lib/dpkg/info/plexmediaserver.postrm, /var/lib/dpkg/info/plexmediaserver.preinst, /var/lib/dpkg/info/plexmediaserver.prerm", + "supplier": "Person: Plex Inc (noreply@plex.tv)", + "versionInfo": "1.42.2.10156-f737b826c" + }, + { + "SPDXID": "SPDXRef-Package-deb-procps-97c48d88753353e5", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:procps:procps:2\\:4.0.4-4ubuntu3.2:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/procps@2%3A4.0.4-4ubuntu3.2?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "procps", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/procps/copyright, /var/lib/dpkg/info/procps.conffiles, /var/lib/dpkg/info/procps.md5sums, /var/lib/dpkg/info/procps.list, /var/lib/dpkg/info/procps.postinst, /var/lib/dpkg/info/procps.postrm, /var/lib/dpkg/info/procps.preinst, /var/lib/dpkg/info/procps.prerm", + "supplier": "NOASSERTION", + "versionInfo": "2:4.0.4-4ubuntu3.2" + }, + { + "SPDXID": "SPDXRef-Package-deb-publicsuffix-646accdcd86313c6", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:publicsuffix:publicsuffix:20231001.0357-0.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/publicsuffix@20231001.0357-0.1?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-CC0 AND MPL-2.0", + "name": "publicsuffix", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/publicsuffix/copyright, /var/lib/dpkg/info/publicsuffix.md5sums, /var/lib/dpkg/info/publicsuffix.list", + "supplier": "NOASSERTION", + "versionInfo": "20231001.0357-0.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-readline-common-ede97742baad2719", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:readline-common:readline-common:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:readline-common:readline_common:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:readline_common:readline-common:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:readline_common:readline_common:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:readline:readline-common:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:readline:readline_common:8.2-4build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/readline-common@8.2-4build1?arch=all\u0026distro=ubuntu-24.04\u0026upstream=readline", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-GFDL AND LicenseRef-GFDL-NIV-1.3- AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-ISC-no-attribution", + "name": "readline-common", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/readline-common/copyright, /var/lib/dpkg/info/readline-common.md5sums, /var/lib/dpkg/info/readline-common.list, /var/lib/dpkg/info/readline-common.postinst, /var/lib/dpkg/info/readline-common.postrm", + "supplier": "NOASSERTION", + "versionInfo": "8.2-4build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-sed-1c58aaf5ad1b37f3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sed:sed:4.9-2build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/sed@4.9-2build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-4-Clause-UC AND BSL-1.0 AND GFDL-1.3-only AND LicenseRef-GFDL-NIV-1.3- AND GPL-3.0-only AND GPL-3.0-or-later AND ISC AND X11 AND LicenseRef-pcre", + "name": "sed", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/sed/copyright, /var/lib/dpkg/info/sed.md5sums, /var/lib/dpkg/info/sed.list", + "supplier": "NOASSERTION", + "versionInfo": "4.9-2build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-sensible-utils-16b4aaa898af9f49", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sensible-utils:sensible-utils:0.0.22:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sensible-utils:sensible_utils:0.0.22:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sensible_utils:sensible-utils:0.0.22:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sensible_utils:sensible_utils:0.0.22:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sensible:sensible-utils:0.0.22:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sensible:sensible_utils:0.0.22:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/sensible-utils@0.0.22?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-All-permissive AND BSD-2-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-configure AND LicenseRef-installsh", + "name": "sensible-utils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/sensible-utils/copyright, /var/lib/dpkg/info/sensible-utils.md5sums, /var/lib/dpkg/info/sensible-utils.list", + "supplier": "NOASSERTION", + "versionInfo": "0.0.22" + }, + { + "SPDXID": "SPDXRef-Package-deb-systemd-dev-69341222e5b700d0", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-dev:systemd-dev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-dev:systemd_dev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_dev:systemd-dev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_dev:systemd_dev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd:systemd-dev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd:systemd_dev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/systemd-dev@255.4-1ubuntu8.10?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-public-domain", + "name": "systemd-dev", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/systemd-dev/copyright, /var/lib/dpkg/info/systemd-dev.md5sums, /var/lib/dpkg/info/systemd-dev.list", + "supplier": "NOASSERTION", + "versionInfo": "255.4-1ubuntu8.10" + }, + { + "SPDXID": "SPDXRef-Package-deb-systemd-hwe-hwdb-7af3ec8c47b488e3", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-hwe-hwdb:systemd-hwe-hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-hwe-hwdb:systemd_hwe_hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_hwe_hwdb:systemd-hwe-hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_hwe_hwdb:systemd_hwe_hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-hwe:systemd-hwe-hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-hwe:systemd_hwe_hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_hwe:systemd-hwe-hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_hwe:systemd_hwe_hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd:systemd-hwe-hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd:systemd_hwe_hwdb:255.1.5:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/systemd-hwe-hwdb@255.1.5?arch=all\u0026distro=ubuntu-24.04\u0026upstream=systemd-hwe", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later", + "name": "systemd-hwe-hwdb", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/systemd-hwe-hwdb/copyright, /var/lib/dpkg/info/systemd-hwe-hwdb.md5sums, /var/lib/dpkg/info/systemd-hwe-hwdb.list, /var/lib/dpkg/info/systemd-hwe-hwdb.postinst, /var/lib/dpkg/info/systemd-hwe-hwdb.postrm", + "supplier": "NOASSERTION", + "versionInfo": "255.1.5" + }, + { + "SPDXID": "SPDXRef-Package-deb-systemd-standalone-sysusers-a8f08f87d11c2dcc", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-standalone-sysusers:systemd-standalone-sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-standalone-sysusers:systemd_standalone_sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_standalone_sysusers:systemd-standalone-sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_standalone_sysusers:systemd_standalone_sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-standalone:systemd-standalone-sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd-standalone:systemd_standalone_sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_standalone:systemd-standalone-sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd_standalone:systemd_standalone_sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd:systemd-standalone-sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:systemd:systemd_standalone_sysusers:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/systemd-standalone-sysusers@255.4-1ubuntu8.10?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-public-domain", + "name": "systemd-standalone-sysusers", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/systemd-standalone-sysusers/copyright, /var/lib/dpkg/info/systemd-standalone-sysusers.md5sums, /var/lib/dpkg/info/systemd-standalone-sysusers.list", + "supplier": "NOASSERTION", + "versionInfo": "255.4-1ubuntu8.10" + }, + { + "SPDXID": "SPDXRef-Package-deb-sysvinit-utils-c997e4113ef7ac60", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sysvinit-utils:sysvinit-utils:3.08-6ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sysvinit-utils:sysvinit_utils:3.08-6ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sysvinit_utils:sysvinit-utils:3.08-6ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sysvinit_utils:sysvinit_utils:3.08-6ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sysvinit:sysvinit-utils:3.08-6ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:sysvinit:sysvinit_utils:3.08-6ubuntu3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/sysvinit-utils@3.08-6ubuntu3?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=sysvinit", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-only AND LGPL-2.1-only AND LGPL-2.1-or-later", + "name": "sysvinit-utils", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/sysvinit-utils/copyright, /var/lib/dpkg/info/sysvinit-utils.md5sums, /var/lib/dpkg/info/sysvinit-utils.list", + "supplier": "NOASSERTION", + "versionInfo": "3.08-6ubuntu3" + }, + { + "SPDXID": "SPDXRef-Package-deb-tar-059ac6c07034f18c", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:tar:tar:1.35\\+dfsg-3build1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/tar@1.35%2Bdfsg-3build1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later", + "name": "tar", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/tar/copyright, /var/lib/dpkg/info/tar.md5sums, /var/lib/dpkg/info/tar.list, /var/lib/dpkg/info/tar.postinst, /var/lib/dpkg/info/tar.prerm", + "supplier": "NOASSERTION", + "versionInfo": "1.35+dfsg-3build1" + }, + { + "SPDXID": "SPDXRef-Package-deb-tzdata-9f9ef5544f256090", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:tzdata:tzdata:2025b-0ubuntu0.24.04.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/tzdata@2025b-0ubuntu0.24.04.1?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "ICU AND LicenseRef-public-domain", + "name": "tzdata", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/tzdata/copyright, /var/lib/dpkg/info/tzdata.md5sums, /var/lib/dpkg/info/tzdata.config, /var/lib/dpkg/info/tzdata.list, /var/lib/dpkg/info/tzdata.postinst, /var/lib/dpkg/info/tzdata.postrm, /var/lib/dpkg/info/tzdata.templates", + "supplier": "NOASSERTION", + "versionInfo": "2025b-0ubuntu0.24.04.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-ubuntu-keyring-c1dfa211d9e08b7c", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ubuntu-keyring:ubuntu-keyring:2023.11.28.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ubuntu-keyring:ubuntu_keyring:2023.11.28.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ubuntu_keyring:ubuntu-keyring:2023.11.28.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ubuntu_keyring:ubuntu_keyring:2023.11.28.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ubuntu:ubuntu-keyring:2023.11.28.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:ubuntu:ubuntu_keyring:2023.11.28.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/ubuntu-keyring@2023.11.28.1?arch=all\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "LicenseRef-GPL", + "name": "ubuntu-keyring", + "originator": "Person: Dimitri John Ledkov (dimitri.ledkov@canonical.com)", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/ubuntu-keyring/copyright, /var/lib/dpkg/info/ubuntu-keyring.md5sums, /var/lib/dpkg/info/ubuntu-keyring.list, /var/lib/dpkg/info/ubuntu-keyring.postinst", + "supplier": "Person: Dimitri John Ledkov (dimitri.ledkov@canonical.com)", + "versionInfo": "2023.11.28.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-udev-2091936089b1452a", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:udev:udev:255.4-1ubuntu8.10:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/udev@255.4-1ubuntu8.10?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=systemd", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "CC0-1.0 AND LicenseRef-Expat AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-public-domain", + "name": "udev", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/udev/copyright, /var/lib/dpkg/info/udev.conffiles, /var/lib/dpkg/info/udev.md5sums, /var/lib/dpkg/info/udev.list, /var/lib/dpkg/info/udev.postinst, /var/lib/dpkg/info/udev.postrm, /var/lib/dpkg/info/udev.preinst, /var/lib/dpkg/info/udev.prerm, /var/lib/dpkg/info/udev.triggers", + "supplier": "NOASSERTION", + "versionInfo": "255.4-1ubuntu8.10" + }, + { + "SPDXID": "SPDXRef-Package-deb-unminimize-ac23ecb5ae09e407", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:unminimize:unminimize:0.2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/unminimize@0.2.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GPL-2.0-only AND GPL-2.0-or-later", + "name": "unminimize", + "originator": "Person: Utkarsh Gupta (utkarsh@ubuntu.com)", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/unminimize/copyright, /var/lib/dpkg/info/unminimize.md5sums, /var/lib/dpkg/info/unminimize.list, /var/lib/dpkg/info/unminimize.postinst", + "supplier": "Person: Utkarsh Gupta (utkarsh@ubuntu.com)", + "versionInfo": "0.2.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-util-linux-128cb56c9a454ff7", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:util-linux:util-linux:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:util-linux:util_linux:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:util_linux:util-linux:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:util_linux:util_linux:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:util:util-linux:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:util:util_linux:2.39.3-9ubuntu6.3:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/util-linux@2.39.3-9ubuntu6.3?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "BSD-3-Clause AND BSD-4-Clause AND LicenseRef-BSLA AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-LGPL AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND LGPL-3.0-only AND LGPL-3.0-or-later AND MIT AND LicenseRef-public-domain", + "name": "util-linux", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/util-linux/copyright, /var/lib/dpkg/info/util-linux.conffiles, /var/lib/dpkg/info/util-linux.md5sums, /var/lib/dpkg/info/util-linux.list, /var/lib/dpkg/info/util-linux.postinst, /var/lib/dpkg/info/util-linux.postrm, /var/lib/dpkg/info/util-linux.prerm", + "supplier": "NOASSERTION", + "versionInfo": "2.39.3-9ubuntu6.3" + }, + { + "SPDXID": "SPDXRef-Package-deb-wget-60066e1a0c3c8412", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:wget:wget:1.21.4-1ubuntu4.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/wget@1.21.4-1ubuntu4.1?arch=amd64\u0026distro=ubuntu-24.04", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "GFDL-1.2-only AND GPL-3.0-only", + "name": "wget", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/wget/copyright, /var/lib/dpkg/info/wget.conffiles, /var/lib/dpkg/info/wget.md5sums, /var/lib/dpkg/info/wget.list", + "supplier": "NOASSERTION", + "versionInfo": "1.21.4-1ubuntu4.1" + }, + { + "SPDXID": "SPDXRef-Package-deb-zlib1g-ac4c65178408e21f", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:2.3:a:zlib1g:zlib1g:1\\:1.3.dfsg-3.1ubuntu2.1:*:*:*:*:*:*:*", + "referenceType": "cpe23Type" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceLocator": "pkg:deb/ubuntu/zlib1g@1%3A1.3.dfsg-3.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-24.04\u0026upstream=zlib", + "referenceType": "purl" + } + ], + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "Zlib", + "name": "zlib1g", + "packageVerificationCode": { + "packageVerificationCodeValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + "sourceInfo": "acquired package info from DPKG DB: /var/lib/dpkg/status, /usr/share/doc/zlib1g/copyright, /var/lib/dpkg/info/zlib1g:amd64.md5sums", + "supplier": "NOASSERTION", + "versionInfo": "1:1.3.dfsg-3.1ubuntu2.1" + }, + { + "SPDXID": "SPDXRef-DocumentRoot-Directory-sbom", + "copyrightText": "NOASSERTION", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "licenseConcluded": "NOASSERTION", + "licenseDeclared": "NOASSERTION", + "name": "sbom", + "primaryPackagePurpose": "FILE", + "supplier": "NOASSERTION" + } +] \ No newline at end of file diff --git a/tests/sbom_buildx_formatted_blob.txt b/tests/sbom_buildx_formatted_blob.txt new file mode 100644 index 0000000..04823e1 --- /dev/null +++ b/tests/sbom_buildx_formatted_blob.txt @@ -0,0 +1,149 @@ +NAME VERSION +adduser 3.137ubuntu1 +apt 2.8.3 +apt-utils 2.8.3 +base-files 13ubuntu10.3 +base-passwd 3.6.3build1 +bash 5.2.21-2ubuntu4 +bsdutils 1:2.39.3-9ubuntu6.3 +ca-certificates 20240203 +catatonit 0.1.7-1 +coreutils 9.4-3ubuntu6.1 +cron 3.0pl1-184ubuntu2 +cron-daemon-common 3.0pl1-184ubuntu2 +curl 8.5.0-2ubuntu10.6 +dash 0.5.12-6ubuntu5 +debconf 1.5.86ubuntu1 +debianutils 5.17build1 +diffutils 1:3.10-1build1 +dirmngr 2.4.4-2ubuntu17.3 +dpkg 1.22.6ubuntu6.2 +e2fsprogs 1.47.0-2.4~exp1ubuntu4.1 +findutils 4.9.0-5build1 +gcc-14-base 14.2.0-4ubuntu2~24.04 +gnupg 2.4.4-2ubuntu17.3 +gnupg-l10n 2.4.4-2ubuntu17.3 +gnupg-utils 2.4.4-2ubuntu17.3 +gpg 2.4.4-2ubuntu17.3 +gpg-agent 2.4.4-2ubuntu17.3 +gpg-wks-client 2.4.4-2ubuntu17.3 +gpgconf 2.4.4-2ubuntu17.3 +gpgsm 2.4.4-2ubuntu17.3 +gpgv 2.4.4-2ubuntu17.3 +grep 3.11-4build1 +gzip 1.12-1ubuntu3.1 +hostname 3.23+nmu2ubuntu2 +init-system-helpers 1.66ubuntu1 +jq 1.7.1-3ubuntu0.24.04.1 +keyboxd 2.4.4-2ubuntu17.3 +krb5-locales 1.20.1-6ubuntu2.6 +libacl1 2.3.2-1build1.1 +libapt-pkg6.0t64 2.8.3 +libassuan0 2.5.6-1build1 +libattr1 1:2.5.2-1build1.1 +libaudit-common 1:3.1.2-2.1build1.1 +libaudit1 1:3.1.2-2.1build1.1 +libblkid1 2.39.3-9ubuntu6.3 +libbrotli1 1.1.0-2build2 +libbsd0 0.12.1-1build1.1 +libbz2-1.0 1.0.8-5.1build0.1 +libc-bin 2.39-0ubuntu8.6 +libc6 2.39-0ubuntu8.6 +libcap-ng0 0.8.4-2build2 +libcap2 1:2.66-5ubuntu2.2 +libcom-err2 1.47.0-2.4~exp1ubuntu4.1 +libcrypt1 1:4.4.36-4build1 +libcurl4t64 8.5.0-2ubuntu10.6 +libdb5.3t64 5.3.28+dfsg2-7 +libdebconfclient0 0.271ubuntu3 +libext2fs2t64 1.47.0-2.4~exp1ubuntu4.1 +libffi8 3.4.6-1build1 +libgcc-s1 14.2.0-4ubuntu2~24.04 +libgcrypt20 1.10.3-2build1 +libgmp10 2:6.3.0+dfsg-2ubuntu6.1 +libgnutls30t64 3.8.3-1.1ubuntu3.4 +libgpg-error0 1.47-3build2.1 +libgssapi-krb5-2 1.20.1-6ubuntu2.6 +libhogweed6t64 3.9.1-2.2build1.1 +libidn2-0 2.3.7-2build1.1 +libjq1 1.7.1-3ubuntu0.24.04.1 +libk5crypto3 1.20.1-6ubuntu2.6 +libkeyutils1 1.6.3-3build1 +libkmod2 31+20240202-2ubuntu7.1 +libkrb5-3 1.20.1-6ubuntu2.6 +libkrb5support0 1.20.1-6ubuntu2.6 +libksba8 1.6.6-1build1 +libldap-common 2.6.7+dfsg-1~exp1ubuntu8. +libldap2 2.6.7+dfsg-1~exp1ubuntu8. +liblz4-1 1.9.4-1build1.1 +liblzma5 5.6.1+really5.4.5-1ubuntu +libmd0 1.1.0-2build1.1 +libmount1 2.39.3-9ubuntu6.3 +libncursesw6 6.4+20240113-1ubuntu2 +libnettle8t64 3.9.1-2.2build1.1 +libnghttp2-14 1.59.0-1ubuntu0.2 +libnpth0t64 1.6-3.1build1 +libonig5 6.9.9-1build1 +libp11-kit0 0.25.3-4ubuntu2.1 +libpam-modules 1.5.3-5ubuntu5.5 +libpam-modules-bin 1.5.3-5ubuntu5.5 +libpam-runtime 1.5.3-5ubuntu5.5 +libpam0g 1.5.3-5ubuntu5.5 +libpcre2-8-0 10.42-4ubuntu2.1 +libproc2-0 2:4.0.4-4ubuntu3.2 +libpsl5t64 0.21.2-1.1build1 +libreadline8t64 8.2-4build1 +librtmp1 2.4+20151223.gitfa8646d.1 +libsasl2-2 2.1.28+dfsg1-5ubuntu3.1 +libsasl2-modules 2.1.28+dfsg1-5ubuntu3.1 +libsasl2-modules-db 2.1.28+dfsg1-5ubuntu3.1 +libseccomp2 2.5.5-1ubuntu3.1 +libselinux1 3.5-2ubuntu2.1 +libsemanage-common 3.5-1build5 +libsemanage2 3.5-1build5 +libsepol2 3.5-2build1 +libsmartcols1 2.39.3-9ubuntu6.3 +libsqlite3-0 3.45.1-1ubuntu2.5 +libss2 1.47.0-2.4~exp1ubuntu4.1 +libssh-4 0.10.6-2ubuntu0.1 +libssl3t64 3.0.13-0ubuntu3.5 +libstdc++6 14.2.0-4ubuntu2~24.04 +libsystemd0 255.4-1ubuntu8.10 +libtasn1-6 4.19.0-3ubuntu0.24.04.1 +libtinfo6 6.4+20240113-1ubuntu2 +libudev1 255.4-1ubuntu8.10 +libunistring5 1.1-2build1.1 +libuuid1 2.39.3-9ubuntu6.3 +libxxhash0 0.8.2-2build1 +libzstd1 1.5.5+dfsg2-2build1.1 +locales 2.39-0ubuntu8.6 +login 1:4.13+dfsg1-4ubuntu3.2 +logsave 1.47.0-2.4~exp1ubuntu4.1 +mawk 1.3.4.20240123-1build1 +mount 2.39.3-9ubuntu6.3 +ncurses-base 6.4+20240113-1ubuntu2 +ncurses-bin 6.4+20240113-1ubuntu2 +netcat-openbsd 1.226-1ubuntu2 +openssl 3.0.13-0ubuntu3.5 +passwd 1:4.13+dfsg1-4ubuntu3.2 +perl-base 5.38.2-3.2ubuntu0.2 +pinentry-curses 1.2.1-3ubuntu5 +plexmediaserver 1.42.2.10156-f737b826c +procps 2:4.0.4-4ubuntu3.2 +publicsuffix 20231001.0357-0.1 +readline-common 8.2-4build1 +sed 4.9-2build1 +sensible-utils 0.0.22 +systemd-dev 255.4-1ubuntu8.10 +systemd-hwe-hwdb 255.1.5 +systemd-standalone-sysusers 255.4-1ubuntu8.10 +sysvinit-utils 3.08-6ubuntu3 +tar 1.35+dfsg-3build1 +tzdata 2025b-0ubuntu0.24.04.1 +ubuntu-keyring 2023.11.28.1 +udev 255.4-1ubuntu8.10 +unminimize 0.2.1 +util-linux 2.39.3-9ubuntu6.3 +wget 1.21.4-1ubuntu4.1 +zlib1g 1:1.3.dfsg-3.1ubuntu2.1 +sbom diff --git a/tests/test_ci.py b/tests/test_ci.py index 051e3a8..834dd52 100644 --- a/tests/test_ci.py +++ b/tests/test_ci.py @@ -1,5 +1,5 @@ import os -from unittest.mock import Mock +from unittest.mock import Mock, patch import json import pytest @@ -8,7 +8,7 @@ from docker import DockerClient from moto import mock_aws -from ci.ci import CI, SetEnvs +from ci.ci import CI, SetEnvs, CITestResult, CITests, Platform os.environ["DRY_RUN"] = "false" os.environ["IMAGE"] = "linuxserver/test" @@ -29,6 +29,18 @@ def sbom_blob() -> bytes: with open("tests/sbom_blob.txt", "rb") as f: yield f.read() +@pytest.fixture +def sbom_buildx_blob() -> str: + with open("tests/sbom_buildx_blob.txt", "rb") as f: + data = f.read() + yield data.decode("utf-8").strip() + +@pytest.fixture +def sbom_buildx_formatted_blob() -> str: + with open("tests/sbom_buildx_formatted_blob.txt", "rb") as f: + data = f.read() + yield data.decode("utf-8").strip() + @pytest.fixture def syft_mock_container(sbom_blob:bytes) -> Mock: container = Mock(spec=Container) @@ -38,11 +50,12 @@ def syft_mock_container(sbom_blob:bytes) -> Mock: yield container @pytest.fixture -def ci(tmpdir, syft_mock_container: Mock) -> CI: +def ci(tmpdir, syft_mock_container: Mock, sbom_buildx_blob: str) -> CI: ci = CI() ci.client = Mock(DockerClient) ci.client.containers = Mock() ci.client.containers.run = Mock(return_value=syft_mock_container) + ci.get_sbom_buildx_blob = Mock(return_value=sbom_buildx_blob) ci.outdir = tmpdir yield ci @@ -108,8 +121,8 @@ def test_convert_env(set_envs: SetEnvs): def test_add_test_result(ci: CI): for tag in ci.tags: - ci._add_test_result(tag=tag, test=f"test-{tag}", status="PASS", message="-", start_time="") - assert ci.tag_report_tests[tag] == {'test': {f"test-{tag}": {"status": "PASS", "message": "-", "runtime": "-"}}} + ci._add_test_result(tag=tag, test=CITests.CONTAINER_START, status=CITestResult.PASS, message="-", start_time="") + assert ci.tag_report_tests[tag] == {'test': {CITests.CONTAINER_START.value: {"status": "PASS", "message": "-", "runtime": "-"}}} def test_get_build_info(ci: CI, mock_container: Mock): info: dict[str, str] = ci.get_build_info(mock_container,ci.tags[0]) @@ -125,20 +138,20 @@ def test_get_build_info(ci: CI, mock_container: Mock): assert info == mock_info def test_get_platform(ci: CI): - assert ci.get_platform(ci.tags[0]) == "amd64" - assert ci.get_platform(ci.tags[1]) == "arm64" + assert ci.get_platform(ci.tags[0]) == Platform.AMD64.value + assert ci.get_platform(ci.tags[1]) == Platform.ARM64.value def test_watch_container_logs(ci: CI, mock_container: Mock): ci.watch_container_logs(mock_container, ci.tags[0]) - assert ci.tag_report_tests[ci.tags[0]]["test"]["Container startup"]["status"] == "PASS" + assert ci.tag_report_tests[ci.tags[0]]["test"][CITests.CONTAINER_START.value]["status"] == CITestResult.PASS.value def test_take_screenshot(ci:CI,mock_container: Mock): screenshot: bool = ci.take_screenshot(mock_container, ci.tags[0]) if screenshot: assert os.path.isfile(os.path.join(ci.outdir, f"{ci.tags[0]}.png")) is True - assert ci.tag_report_tests[ci.tags[0]]["test"]["Get screenshot"]["status"] == "PASS" + assert ci.tag_report_tests[ci.tags[0]]["test"][CITests.CAPTURE_SCREENSHOT.value]["status"] == CITestResult.PASS.value else: - assert ci.tag_report_tests[ci.tags[0]]["test"]["Get screenshot"]["status"] == "FAIL" + assert ci.tag_report_tests[ci.tags[0]]["test"][CITests.CAPTURE_SCREENSHOT.value]["status"] == CITestResult.FAIL.value def test_create_html_ansi_file(ci:CI, log_blob:bytes): logs = log_blob.decode("utf-8") @@ -159,10 +172,41 @@ def test_badge_render(ci:CI): ci.badge_render() assert os.path.isfile(os.path.join(ci.outdir,"ci-status.yml")) is True -def test_generate_sbom(ci:CI, syft_mock_container:Mock, sbom_blob:bytes): - sbom = ci.generate_sbom(ci.tags[0]) +def test_get_sbom_syft(ci:CI, syft_mock_container:Mock, sbom_blob:bytes): + sbom = ci.get_sbom_syft(ci.tags[0]) assert "VERSION" in sbom +def test_parse_buildx_sbom(ci:CI, sbom_buildx_blob:str): + packages = ci.parse_buildx_sbom(sbom_buildx_blob) + assert len(packages) == 148 + assert packages[0]["name"] == "adduser" + assert packages[0]["version"] == "3.137ubuntu1" + +def test_format_package_table(ci:CI, sbom_buildx_blob:str, sbom_buildx_formatted_blob: str): + packages = ci.parse_buildx_sbom(sbom_buildx_blob) + table = ci.format_package_table(packages) + assert "VERSION" in table + assert "cron" in table + assert "3.0pl1-184ubuntu2" in table + +def test_get_sbom_buildx_blob(ci: CI, sbom_buildx_blob: str) -> None: + expected_output = sbom_buildx_blob + mock_completed_process = Mock() + mock_completed_process.returncode = 0 + mock_completed_process.stdout = expected_output + + with patch("subprocess.run", return_value=mock_completed_process): + sbom = ci.get_sbom_buildx_blob(ci.tags[0]) + assert sbom.strip() == expected_output.strip() + +def test_make_sbom(ci: CI, sbom_buildx_blob: str, sbom_buildx_formatted_blob: str) -> None: + with patch.object(ci, 'get_sbom_buildx_blob', return_value=sbom_buildx_blob): + packages = ci.make_sbom(ci.tags[0]) + assert os.path.isfile(os.path.join(ci.outdir,"amd64-nightly-5.10.1.9109-ls85.sbom.html")) is True + assert "VERSION" in packages + assert "cron" in packages + assert "3.0pl1-184ubuntu2" in packages + def test_create_s3_client(ci:CI): with mock_aws(): ci.s3_client = ci.create_s3_client()