GNU bug report logs -
#76819
[PATCH v7 00/35] Add lint-hidden-cpe-vendors property
Previous Next
Full log
Message #95 received at 76819 <at> debbugs.gnu.org (full text, mbox):
* gnu/packages/version-control.scm (git-minimal, git)[properties]: Use
lint-hidden-cpe-vendors in place of lint-hidden-cve.
---
gnu/packages/version-control.scm | 15 +--------------
1 file changed, 1 insertion(+), 14 deletions(-)
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 4b66fa02fb..d85bdbe9c4 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -589,20 +589,7 @@ (define PATH-variable-definition
(description
"Git is a free distributed version control system designed to handle
everything from small to very large projects with speed and efficiency.")
- ;; XXX: Ignore this CVE to work around a name clash with the unrelated
- ;; "cpe:2.3:a:jenkins:git" package. The proper fix is for (guix cve) to
- ;; account for "vendor names".
- (properties '((lint-hidden-cve . ("CVE-2018-1000182"
- "CVE-2018-1000110"
- "CVE-2019-1003010"
- "CVE-2020-2136"
- "CVE-2021-21684"
- "CVE-2022-30947"
- "CVE-2022-30948"
- "CVE-2022-30949"
- "CVE-2022-36882"
- "CVE-2022-36883"
- "CVE-2022-36884"))
+ (properties '((lint-hidden-cpe-vendors . ("jenkins"))
(upstream-name . "git")))
(license license:gpl2)
(home-page "https://git-scm.com/")))
--
2.48.1
This bug report was last modified 99 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.