Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

package/utils/secilc: drop PKG_CPE_ID #15298

Merged
merged 1 commit into from
Jun 2, 2024
Merged

package/utils/secilc: drop PKG_CPE_ID #15298

merged 1 commit into from
Jun 2, 2024

Conversation

ffontaine
Copy link
Contributor

cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc: https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

@github-actions github-actions bot added the core packages pull request/issue for core (in-tree) packages label Apr 27, 2024
@neheb
Copy link
Contributor

neheb commented Apr 27, 2024

https://nvd.nist.gov/vuln/detail/CVE-2021-36087 seems related to secilc.

@ffontaine
Copy link
Contributor Author

CVE-2021-36087 is associated to cpe:2.3:o:selinux_project:selinux however this CPE ID also has CVE-2015-3170 which is not associated to secilc:
https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&isCpeNameSearch=true&seach_type=all&query=cpe:2.3:o:selinux_project:selinux:-:::::::*

So, do you prefer to use a CPE ID that has a wider scope than just secilc instead of dropping it?

@robimarko
Copy link
Contributor

@neheb ?

@neheb
Copy link
Contributor

neheb commented May 31, 2024

Might as well merge.

@ffontaine @robimarko
package/utils/secilc: drop PKG_CPE_ID
58a5877 
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: openwrt#15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
@openwrt-bot openwrt-bot merged commit 58a5877 into openwrt:main Jun 2, 2024
3 checks passed
@robimarko
Copy link
Contributor

Thanks! Rebased on top of main and merged!

neheb pushed a commit to neheb/openwrt that referenced this pull request Jun 2, 2024
@ffontaine @neheb
package/utils/secilc: drop PKG_CPE_ID
36ea03d 
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: openwrt#15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
@ffontaine ffontaine deleted the fix-secilc-cpe-id branch June 3, 2024 07:36
Vladdrako pushed a commit to Vladdrako/openwrt that referenced this pull request Jun 8, 2024
@ffontaine @Vladdrako
package/utils/secilc: drop PKG_CPE_ID
1756fe5 
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: openwrt#15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
Rondom pushed a commit to Rondom/openwrt that referenced this pull request Jul 5, 2024
@ffontaine @Rondom
package/utils/secilc: drop PKG_CPE_ID
47ab717 
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: openwrt#15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 58a5877)
hauke pushed a commit to Rondom/openwrt that referenced this pull request Jul 6, 2024
@ffontaine @hauke
package/utils/secilc: drop PKG_CPE_ID
95fac7d 
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: openwrt#15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 58a5877)
Link: openwrt#15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
trinidude4 pushed a commit to trinidude4/openwrt that referenced this pull request Jul 19, 2024
@ffontaine @trinidude4
package/utils/secilc: drop PKG_CPE_ID
28f8980 
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc

Fixes: 9ee7c1e (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: openwrt#15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 58a5877)
Link: openwrt#15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
core packages pull request/issue for core (in-tree) packages
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@ffontaine @neheb @robimarko @openwrt-bot