[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GNOME Orca 'orca' package mislabeled by 'guix lint -c cve'

From: Léo Le Bouter
Subject: GNOME Orca 'orca' package mislabeled by 'guix lint -c cve'
Date: Thu, 11 Mar 2021 02:41:24 +0100
User-agent: Evolution 3.34.2

This is GNOME Orca in the CPE database:

Currently CVE-2020-9298 is being wrongly reported by 'guix lint -c cve'
because vendor is not taken into account, therefore:
"cpe:2.3:a:spinnaker:orca" also matches.

Reminder that we need cpe-vendor property as told in <>.

I would like to tag the package but currently cannot because cpe-vendor 
does not exist yet.

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]