| Message ID | 20250508123205.1559-1-br015@umbiko.net |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/mpd: update CPE/CVE information | expand |
>>>>> "Andreas" == Andreas Ziegler <br015@umbiko.net> writes: > Since 01/2023, MPD has an entry in the NIST database [1]. > Add vendor amd product IDs [2] to mpd.mk and remove the now > obsolete IGNORE_CVES entry. > [1] https://nvd.nist.gov/vuln/detail/CVE-2022-46449 > [2] https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=musicpd > Signed-off-by: Andreas Ziegler <br015@umbiko.net> Committed, thanks.
diff --git a/package/mpd/mpd.mk b/package/mpd/mpd.mk index 6cae2845e3..35632f97b4 100644 --- a/package/mpd/mpd.mk +++ b/package/mpd/mpd.mk @@ -11,8 +11,10 @@ MPD_SITE = https://www.musicpd.org/download/mpd/$(MPD_VERSION_MAJOR) MPD_DEPENDENCIES = host-pkgconf fmt MPD_LICENSE = GPL-2.0+ MPD_LICENSE_FILES = COPYING -# these refer to the FreeBSD PPP daemon -MPD_IGNORE_CVES = CVE-2020-7465 CVE-2020-7466 + +MPD_CPE_ID_VENDOR = musicpd +MPD_CPE_ID_PRODUCT = music_player_demon + MPD_SELINUX_MODULES = mpd MPD_CONF_OPTS = \ -Daudiofile=disabled \
Since 01/2023, MPD has an entry in the NIST database [1]. Add vendor amd product IDs [2] to mpd.mk and remove the now obsolete IGNORE_CVES entry. [1] https://nvd.nist.gov/vuln/detail/CVE-2022-46449 [2] https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=musicpd Signed-off-by: Andreas Ziegler <br015@umbiko.net> --- package/mpd/mpd.mk | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)