Message ID | 20240422073839.12672-1-ps.report@gmx.net |
---|---|
State | Accepted |
Headers | show |
Series | [v1] package/speechd: set CPE_ID_VENDOR (to silence mismatched CVE warning) | expand |
Peter, All, On 2024-04-22 09:38 +0200, Peter Seiderer via buildroot spake thusly: > - set CPE_ID_VENDOR to silence mismatched CVE-2001-0956 ([1], [2]) warning > clearly aiming some other product/version ("speechd 0.54 with Festival or > rsynth speech synthesis package") > > [1] https://security-tracker.debian.org/tracker/CVE-2001-0956 > [2] https://github.com/advisories/GHSA-67cw-4jhh-3jm7 > > Signed-off-by: Peter Seiderer <ps.report@gmx.net> Applied to master, thanks. Regards, Yann E. MORIN. > --- > package/speechd/speechd.mk | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/package/speechd/speechd.mk b/package/speechd/speechd.mk > index 7d50f88c1d..669bec0634 100644 > --- a/package/speechd/speechd.mk > +++ b/package/speechd/speechd.mk > @@ -8,6 +8,7 @@ SPEECHD_VERSION = 0.11.5 > SPEECHD_SITE = $(call github,brailcom,speechd,$(SPEECHD_VERSION)) > SPEECHD_LICENSE = GPL-2.0+, GPL-3.0+ (buildsystem), LGPL-2.1+ > SPEECHD_LICENSE_FILES = COPYING.GPL-2 COPYING.GPL-3 COPYING.LGPL > +SPEECHD_CPE_ID_VENDOR = brailcom > SPEECHD_INSTALL_STAGING = YES > # speechd source code is released without configure script > SPEECHD_AUTORECONF = YES > -- > 2.44.0 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
>>>>> "Peter" == Peter Seiderer via buildroot <buildroot@buildroot.org> writes: > - set CPE_ID_VENDOR to silence mismatched CVE-2001-0956 ([1], [2]) warning > clearly aiming some other product/version ("speechd 0.54 with Festival or > rsynth speech synthesis package") > [1] https://security-tracker.debian.org/tracker/CVE-2001-0956 > [2] https://github.com/advisories/GHSA-67cw-4jhh-3jm7 > Signed-off-by: Peter Seiderer <ps.report@gmx.net> Committed to 2024.02.x, thanks.
diff --git a/package/speechd/speechd.mk b/package/speechd/speechd.mk index 7d50f88c1d..669bec0634 100644 --- a/package/speechd/speechd.mk +++ b/package/speechd/speechd.mk @@ -8,6 +8,7 @@ SPEECHD_VERSION = 0.11.5 SPEECHD_SITE = $(call github,brailcom,speechd,$(SPEECHD_VERSION)) SPEECHD_LICENSE = GPL-2.0+, GPL-3.0+ (buildsystem), LGPL-2.1+ SPEECHD_LICENSE_FILES = COPYING.GPL-2 COPYING.GPL-3 COPYING.LGPL +SPEECHD_CPE_ID_VENDOR = brailcom SPEECHD_INSTALL_STAGING = YES # speechd source code is released without configure script SPEECHD_AUTORECONF = YES
- set CPE_ID_VENDOR to silence mismatched CVE-2001-0956 ([1], [2]) warning clearly aiming some other product/version ("speechd 0.54 with Festival or rsynth speech synthesis package") [1] https://security-tracker.debian.org/tracker/CVE-2001-0956 [2] https://github.com/advisories/GHSA-67cw-4jhh-3jm7 Signed-off-by: Peter Seiderer <ps.report@gmx.net> --- package/speechd/speechd.mk | 1 + 1 file changed, 1 insertion(+)