[meta-virtualization] [scarthgap] [PATCH] containerd-opencontainers: align CVE

All of lore.kernel.org
 help / color / mirror / Atom feed

* [meta-virtualization] [scarthgap] [PATCH] containerd-opencontainers: align CVE_PRODUCT with NVD CPE naming
@ 2026-04-23  4:38 Himanshu Jadon -X (hjadon - E INFOCHIPS PRIVATE LIMITED at Cisco)
  2026-04-28 11:42 ` Bruce Ashfield
  0 siblings, 1 reply; 2+ messages in thread
From: Himanshu Jadon -X (hjadon - E INFOCHIPS PRIVATE LIMITED at Cisco) @ 2026-04-23  4:38 UTC (permalink / raw)
  To: meta-virtualization; +Cc: vchavda

From: Himanshu Jadon <hjadon@cisco.com>

Update CVE_PRODUCT from containerd to linuxfoundation:containerd in
containerd-opencontainers recipe to match the vendor-qualified
NVD CPE naming.

This aligns with the master update[1] and avoids potential CVE lookup
gaps caused by an unqualified product token.

Reference:
[1] https://git.yoctoproject.org/meta-virtualization/commit/?id=f829fbfda0f14365235d48dbe2055121fbc0718c

Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
---
 recipes-containers/containerd/containerd-opencontainers_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/recipes-containers/containerd/containerd-opencontainers_git.bb b/recipes-containers/containerd/containerd-opencontainers_git.bb
index 3144a5a6..4ecc915a 100644
--- a/recipes-containers/containerd/containerd-opencontainers_git.bb
+++ b/recipes-containers/containerd/containerd-opencontainers_git.bb
@@ -96,4 +96,4 @@ COMPATIBLE_HOST = "^(?!(qemu)?mips).*"
 
 RDEPENDS:${PN} += " ${VIRTUAL-RUNTIME_container_runtime}"
 
-CVE_PRODUCT = "containerd"
+CVE_PRODUCT = "linuxfoundation:containerd"
-- 
2.35.6



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [meta-virtualization] [scarthgap] [PATCH] containerd-opencontainers: align CVE_PRODUCT with NVD CPE naming
  2026-04-23  4:38 [meta-virtualization] [scarthgap] [PATCH] containerd-opencontainers: align CVE_PRODUCT with NVD CPE naming Himanshu Jadon -X (hjadon - E INFOCHIPS PRIVATE LIMITED at Cisco)
@ 2026-04-28 11:42 ` Bruce Ashfield
  0 siblings, 0 replies; 2+ messages in thread
From: Bruce Ashfield @ 2026-04-28 11:42 UTC (permalink / raw)
  To: hjadon; +Cc: meta-virtualization, vchavda

merged.

Bruce

In message: [meta-virtualization] [scarthgap] [PATCH] containerd-opencontainers: align CVE_PRODUCT with NVD CPE naming
on 22/04/2026 Himanshu Jadon -X (hjadon - E INFOCHIPS PRIVATE LIMITED at Cisco) via lists.yoctoproject.org wrote:

> From: Himanshu Jadon <hjadon@cisco.com>
> 
> Update CVE_PRODUCT from containerd to linuxfoundation:containerd in
> containerd-opencontainers recipe to match the vendor-qualified
> NVD CPE naming.
> 
> This aligns with the master update[1] and avoids potential CVE lookup
> gaps caused by an unqualified product token.
> 
> Reference:
> [1] https://git.yoctoproject.org/meta-virtualization/commit/?id=f829fbfda0f14365235d48dbe2055121fbc0718c
> 
> Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
> ---
>  recipes-containers/containerd/containerd-opencontainers_git.bb | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/recipes-containers/containerd/containerd-opencontainers_git.bb b/recipes-containers/containerd/containerd-opencontainers_git.bb
> index 3144a5a6..4ecc915a 100644
> --- a/recipes-containers/containerd/containerd-opencontainers_git.bb
> +++ b/recipes-containers/containerd/containerd-opencontainers_git.bb
> @@ -96,4 +96,4 @@ COMPATIBLE_HOST = "^(?!(qemu)?mips).*"
>  
>  RDEPENDS:${PN} += " ${VIRTUAL-RUNTIME_container_runtime}"
>  
> -CVE_PRODUCT = "containerd"
> +CVE_PRODUCT = "linuxfoundation:containerd"
> -- 
> 2.35.6
> 

> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#9722): https://lists.yoctoproject.org/g/meta-virtualization/message/9722
> Mute This Topic: https://lists.yoctoproject.org/mt/118967266/1050810
> Group Owner: meta-virtualization+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [bruce.ashfield@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
> 



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2026-04-28 11:42 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-23  4:38 [meta-virtualization] [scarthgap] [PATCH] containerd-opencontainers: align CVE_PRODUCT with NVD CPE naming Himanshu Jadon -X (hjadon - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-04-28 11:42 ` Bruce Ashfield

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.