yocto@lists.yoctoproject.org | [meta-security][PATCH] tpm2-tss: correct CVE product

Home Messages Hashtags Subgroups

Date Date 1 - 1 of 1

Andrej Valek <andrej.valek@...> #59488 From: Peter Marko <peter.marko@...> Currently CVE-2023-22745 does not show up in kirkstone CVE report. This fixes that. Products from yocto's CVE check NVD database: sqlite> select * from products where product like "tpm2%"; CVE-2017-7524\|tpm2-tools_project\|tpm2.0-tools\|\|\|1.1.0\|<= CVE-2020-24455\|tpm2_software_stack_project\|tpm2_software_stack\|\|\|2.4.3\|< CVE-2020-24455\|tpm2_software_stack_project\|tpm2_software_stack\|3.0.0\|>=\|3.0.1\|< CVE-2021-3565\|tpm2-tools_project\|tpm2-tools\|5.1\|>=\|5.1.1\|< CVE-2021-3565\|tpm2-tools_project\|tpm2-tools\|\|\|4.3.2\|< CVE-2023-22745\|tpm2_software_stack_project\|tpm2_software_stack\|\|\|4.0.0\|<= Signed-off-by: Peter Marko <peter.marko@...> --- meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb \| 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb index 657a2cd..cc7e6ae 100644 --- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb +++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb @@ -14,6 +14,8 @@ SRC_URI[sha256sum] = "532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a740 UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" +CVE_PRODUCT = "tpm2_software_stack" + inherit autotools pkgconfig systemd useradd PACKAGECONFIG ??= "vendor" -- 2.30.2
More All Messages By This Member

1 - 1 of 1