diff mbox series

[v1] package/speechd: set CPE_ID_VENDOR (to silence mismatched CVE warning)

Message ID 20240422073839.12672-1-ps.report@gmx.net
State Accepted
Headers show
Series [v1] package/speechd: set CPE_ID_VENDOR (to silence mismatched CVE warning) | expand

Commit Message

Peter Seiderer April 22, 2024, 7:38 a.m. UTC 
- set CPE_ID_VENDOR to silence mismatched CVE-2001-0956 ([1], [2]) warning
  clearly aiming some other product/version ("speechd 0.54 with Festival or
  rsynth speech synthesis package")

[1] https://security-tracker.debian.org/tracker/CVE-2001-0956
[2] https://github.com/advisories/GHSA-67cw-4jhh-3jm7

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
---
 package/speechd/speechd.mk | 1 +
 1 file changed, 1 insertion(+)

Comments

Yann E. MORIN April 29, 2024, 12:07 p.m. UTC | #1 
Peter, All,

On 2024-04-22 09:38 +0200, Peter Seiderer via buildroot spake thusly:
> - set CPE_ID_VENDOR to silence mismatched CVE-2001-0956 ([1], [2]) warning
>   clearly aiming some other product/version ("speechd 0.54 with Festival or
>   rsynth speech synthesis package")
> 
> [1] https://security-tracker.debian.org/tracker/CVE-2001-0956
> [2] https://github.com/advisories/GHSA-67cw-4jhh-3jm7
> 
> Signed-off-by: Peter Seiderer <ps.report@gmx.net>

Applied to master, thanks.

Regards,
Yann E. MORIN.

> ---
>  package/speechd/speechd.mk | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/package/speechd/speechd.mk b/package/speechd/speechd.mk
> index 7d50f88c1d..669bec0634 100644
> --- a/package/speechd/speechd.mk
> +++ b/package/speechd/speechd.mk
> @@ -8,6 +8,7 @@ SPEECHD_VERSION = 0.11.5
>  SPEECHD_SITE = $(call github,brailcom,speechd,$(SPEECHD_VERSION))
>  SPEECHD_LICENSE = GPL-2.0+, GPL-3.0+ (buildsystem), LGPL-2.1+
>  SPEECHD_LICENSE_FILES = COPYING.GPL-2 COPYING.GPL-3 COPYING.LGPL
> +SPEECHD_CPE_ID_VENDOR = brailcom
>  SPEECHD_INSTALL_STAGING = YES
>  # speechd source code is released without configure script
>  SPEECHD_AUTORECONF = YES
> -- 
> 2.44.0
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
Peter Korsgaard May 7, 2024, 8:50 p.m. UTC | #2 
>>>>> "Peter" == Peter Seiderer via buildroot <buildroot@buildroot.org> writes:

 > - set CPE_ID_VENDOR to silence mismatched CVE-2001-0956 ([1], [2]) warning
 >   clearly aiming some other product/version ("speechd 0.54 with Festival or
 >   rsynth speech synthesis package")

 > [1] https://security-tracker.debian.org/tracker/CVE-2001-0956
 > [2] https://github.com/advisories/GHSA-67cw-4jhh-3jm7

 > Signed-off-by: Peter Seiderer <ps.report@gmx.net>

Committed to 2024.02.x, thanks.
diff mbox series

Patch

diff --git a/package/speechd/speechd.mk b/package/speechd/speechd.mk
index 7d50f88c1d..669bec0634 100644
--- a/package/speechd/speechd.mk
+++ b/package/speechd/speechd.mk
@@ -8,6 +8,7 @@  SPEECHD_VERSION = 0.11.5
 SPEECHD_SITE = $(call github,brailcom,speechd,$(SPEECHD_VERSION))
 SPEECHD_LICENSE = GPL-2.0+, GPL-3.0+ (buildsystem), LGPL-2.1+
 SPEECHD_LICENSE_FILES = COPYING.GPL-2 COPYING.GPL-3 COPYING.LGPL
+SPEECHD_CPE_ID_VENDOR = brailcom
 SPEECHD_INSTALL_STAGING = YES
 # speechd source code is released without configure script
 SPEECHD_AUTORECONF = YES