diff --git a/Makefile b/Makefile index b2afe5bcfb..ea00891aa1 100644 --- a/Makefile +++ b/Makefile @@ -135,7 +135,7 @@ nobuild_targets := source %-source \ clean distclean help show-targets graph-depends \ %-graph-depends %-show-depends %-show-version \ graph-build graph-size list-defconfigs \ - savedefconfig update-defconfig printvars + savedefconfig update-defconfig printvars cpe-info %-cpe-info ifeq ($(MAKECMDGOALS),) BR_BUILDING = y else ifneq ($(filter-out $(nobuild_targets),$(MAKECMDGOALS)),) @@ -222,6 +222,7 @@ LEGAL_MANIFEST_CSV_TARGET = $(LEGAL_INFO_DIR)/manifest.csv LEGAL_MANIFEST_CSV_HOST = $(LEGAL_INFO_DIR)/host-manifest.csv LEGAL_WARNINGS = $(LEGAL_INFO_DIR)/.warnings LEGAL_REPORT = $(LEGAL_INFO_DIR)/README +CPE_MANIFEST_CSV = $(BASE_DIR)/cpe-manifest.csv BR2_CONFIG = $(CONFIG_DIR)/.config @@ -864,6 +865,19 @@ legal-info: legal-info-clean legal-info-prepare $(foreach p,$(PACKAGES),$(p)-all mv .legal-info.sha256 legal-info.sha256) @echo "Legal info produced in $(LEGAL_INFO_DIR)" +.PHONY: cpe-info-clean +cpe-info-clean: + @rm -f $(CPE_MANIFEST_CSV) + +.PHONY: cpe-info-prepare +cpe-info-prepare: + @$(call MESSAGE,"Gathering CPE info") + @$(call cpe-manifest,CPE ID,CVE PATCHED,PACKAGE,VERSION,SOURCE SITE) + +.PHONY: cpe-info +cpe-info: cpe-info-clean cpe-info-prepare $(foreach p,$(PACKAGES),$(p)-cpe-info) + @echo "CPE info produced in $(CPE_MANIFEST_CSV)" + .PHONY: show-targets show-targets: @echo $(sort $(PACKAGES)) $(sort $(TARGETS_ROOTFS)) @@ -1145,6 +1159,7 @@ help: @echo ' legal-info - generate info about license compliance' @echo ' show-info - generate info about packages, as a JSON blurb' @echo ' printvars - dump internal variables selected with VARS=...' + @echo ' cpe-info - generate info about security CPE identification' @echo @echo ' make V=0|1 - 0 => quiet build (default), 1 => verbose build' @echo ' make O=dir - Locate all output files in "dir", including .config' diff --git a/boot/grub2/grub2.mk b/boot/grub2/grub2.mk index a202525d71..280de94d2d 100644 --- a/boot/grub2/grub2.mk +++ b/boot/grub2/grub2.mk @@ -18,6 +18,7 @@ GRUB2_INSTALL_TARGET = YES else GRUB2_INSTALL_TARGET = NO endif +GRUB2_CPE_ID_VENDOR = gnu GRUB2_BUILTIN_MODULES = $(call qstrip,$(BR2_TARGET_GRUB2_BUILTIN_MODULES)) GRUB2_BUILTIN_CONFIG = $(call qstrip,$(BR2_TARGET_GRUB2_BUILTIN_CONFIG)) diff --git a/boot/uboot/uboot.mk b/boot/uboot/uboot.mk index 1d50e72846..f82e8951ba 100644 --- a/boot/uboot/uboot.mk +++ b/boot/uboot/uboot.mk @@ -11,6 +11,8 @@ UBOOT_LICENSE = GPL-2.0+ ifeq ($(BR2_TARGET_UBOOT_LATEST_VERSION),y) UBOOT_LICENSE_FILES = Licenses/gpl-2.0.txt endif +UBOOT_CPE_ID_VENDOR = denx +UBOOT_CPE_ID_NAME = u-boot UBOOT_INSTALL_IMAGES = YES diff --git a/docs/manual/adding-packages-generic.txt b/docs/manual/adding-packages-generic.txt index 568daaeb8d..54ffdee9d6 100644 --- a/docs/manual/adding-packages-generic.txt +++ b/docs/manual/adding-packages-generic.txt @@ -24,57 +24,59 @@ system is based on hand-written Makefiles or shell scripts. 09: LIBFOO_SITE = http://www.foosoftware.org/download 10: LIBFOO_LICENSE = GPL-3.0+ 11: LIBFOO_LICENSE_FILES = COPYING -12: LIBFOO_INSTALL_STAGING = YES -13: LIBFOO_CONFIG_SCRIPTS = libfoo-config -14: LIBFOO_DEPENDENCIES = host-libaaa libbbb -15: -16: define LIBFOO_BUILD_CMDS -17: $(MAKE) $(TARGET_CONFIGURE_OPTS) -C $(@D) all -18: endef -19: -20: define LIBFOO_INSTALL_STAGING_CMDS -21: $(INSTALL) -D -m 0755 $(@D)/libfoo.a $(STAGING_DIR)/usr/lib/libfoo.a -22: $(INSTALL) -D -m 0644 $(@D)/foo.h $(STAGING_DIR)/usr/include/foo.h -23: $(INSTALL) -D -m 0755 $(@D)/libfoo.so* $(STAGING_DIR)/usr/lib -24: endef -25: -26: define LIBFOO_INSTALL_TARGET_CMDS -27: $(INSTALL) -D -m 0755 $(@D)/libfoo.so* $(TARGET_DIR)/usr/lib -28: $(INSTALL) -d -m 0755 $(TARGET_DIR)/etc/foo.d -29: endef -30: -31: define LIBFOO_USERS -32: foo -1 libfoo -1 * - - - LibFoo daemon -33: endef -34: -35: define LIBFOO_DEVICES -36: /dev/foo c 666 0 0 42 0 - - - -37: endef -38: -39: define LIBFOO_PERMISSIONS -40: /bin/foo f 4755 foo libfoo - - - - - -41: endef -42: -43: $(eval $(generic-package)) +12: LIBFOO_CPE_ID_VENDOR = foosoftware +13: LIBFOO_INSTALL_STAGING = YES +14: LIBFOO_CONFIG_SCRIPTS = libfoo-config +15: LIBFOO_DEPENDENCIES = host-libaaa libbbb +16: +17: define LIBFOO_BUILD_CMDS +18: $(MAKE) $(TARGET_CONFIGURE_OPTS) -C $(@D) all +19: endef +20: +21: define LIBFOO_INSTALL_STAGING_CMDS +22: $(INSTALL) -D -m 0755 $(@D)/libfoo.a $(STAGING_DIR)/usr/lib/libfoo.a +23: $(INSTALL) -D -m 0644 $(@D)/foo.h $(STAGING_DIR)/usr/include/foo.h +24: $(INSTALL) -D -m 0755 $(@D)/libfoo.so* $(STAGING_DIR)/usr/lib +25: endef +26: +27: define LIBFOO_INSTALL_TARGET_CMDS +28: $(INSTALL) -D -m 0755 $(@D)/libfoo.so* $(TARGET_DIR)/usr/lib +29: $(INSTALL) -d -m 0755 $(TARGET_DIR)/etc/foo.d +30: endef +31: +32: define LIBFOO_USERS +33: foo -1 libfoo -1 * - - - LibFoo daemon +34: endef +35: +36: define LIBFOO_DEVICES +37: /dev/foo c 666 0 0 42 0 - - - +38: endef +39: +40: define LIBFOO_PERMISSIONS +41: /bin/foo f 4755 foo libfoo - - - - - +42: endef +43: +44: $(eval $(generic-package)) -------------------------------- -The Makefile begins on line 7 to 11 with metadata information: the +The Makefile begins on line 7 to 12 with metadata information: the version of the package (+LIBFOO_VERSION+), the name of the tarball containing the package (+LIBFOO_SOURCE+) (xz-ed tarball recommended) the Internet location at which the tarball can be downloaded from -(+LIBFOO_SITE+), the license (+LIBFOO_LICENSE+) and file with the -license text (+LIBFOO_LICENSE_FILES+). All variables must start with +(+LIBFOO_SITE+), the license (+LIBFOO_LICENSE+), the file with the +license text (+LIBFOO_LICENSE_FILES+) and the vendor for vunerability +analysis (+LIBFOO_CPE_ID_VENDOR+). All variables must start with the same prefix, +LIBFOO_+ in this case. This prefix is always the uppercased version of the package name (see below to understand where the package name is defined). -On line 12, we specify that this package wants to install something to +On line 13, we specify that this package wants to install something to the staging space. This is often needed for libraries, since they must install header files and other development files in the staging space. This will ensure that the commands listed in the +LIBFOO_INSTALL_STAGING_CMDS+ variable will be executed. -On line 13, we specify that there is some fixing to be done to some +On line 14, we specify that there is some fixing to be done to some of the 'libfoo-config' files that were installed during +LIBFOO_INSTALL_STAGING_CMDS+ phase. These *-config files are executable shell script files that are @@ -122,14 +124,14 @@ IMAGEMAGICK_CONFIG_SCRIPTS = \ -------------------------------- ================================ -On line 14, we specify the list of dependencies this package relies +On line 15, we specify the list of dependencies this package relies on. These dependencies are listed in terms of lower-case package names, which can be packages for the target (without the +host-+ prefix) or packages for the host (with the +host-+) prefix). Buildroot will ensure that all these packages are built and installed 'before' the current package starts its configuration. -The rest of the Makefile, lines 16..29, defines what should be done +The rest of the Makefile, lines 17..29, defines what should be done at the different steps of the package configuration, compilation and installation. +LIBFOO_BUILD_CMDS+ tells what steps should be performed to @@ -142,16 +144,16 @@ All these steps rely on the +$(@D)+ variable, which contains the directory where the source code of the package has been extracted. -On lines 31..33, we define a user that is used by this package (e.g. +On lines 31..44, we define a user that is used by this package (e.g. to run a daemon as non-root) (+LIBFOO_USERS+). -On line 35..37, we define a device-node file used by this package +On line 36..38, we define a device-node file used by this package (+LIBFOO_DEVICES+). -On line 39..41, we define the permissions to set to specific files +On line 40..42, we define the permissions to set to specific files installed by this package (+LIBFOO_PERMISSIONS+). -Finally, on line 43, we call the +generic-package+ function, which +Finally, on line 44, we call the +generic-package+ function, which generates, according to the variables defined previously, all the Makefile code necessary to make your package working. @@ -502,6 +504,29 @@ LIBFOO_IGNORE_CVES += CVE-2020-12345 LIBFOO_IGNORE_CVES += CVE-2020-54321 ---------------------- +* +LIBFOO_CPE_ID_VENDOR+ + This variable is optional. It only must be defined if the package name + does not match what the CPE ID uses for the vendor. By default it's set + to _project. + +* +LIBFOO_CPE_ID_NAME+ + This variable is optional. It only must be defined if the package name + does not match what the CPE ID uses for the name. By default it's set + to . + +* +LIBFOO_CPE_ID_VERSION+ + This variable is optional. By default it's set to . + +* +LIBFOO_CPE_ID_VERSION_MINOR+ + This variable is optional. By default it's set to *. + +* +LIBFOO_CPE_ID+ is optional, as the package infrastructure hangles the + default case of a single package's Common Product Enumeration (CPE) + identification string. +make cpe-info+ copies all of these into a + +cpe-manifest.csv+ file. To identify a package's possible CPE, + the National Vunerability Database can be searched at + https://nvd.nist.gov/products/cpe/search. + The recommended way to define these variables is to use the following syntax: diff --git a/docs/manual/manual.txt b/docs/manual/manual.txt index 48de65ee10..fcc087f6f1 100644 --- a/docs/manual/manual.txt +++ b/docs/manual/manual.txt @@ -46,6 +46,8 @@ include::legal-notice.txt[] include::beyond-buildroot.txt[] +include::cpe-reporting.txt[] + = Developer guide include::how-buildroot-works.txt[] diff --git a/linux/linux.mk b/linux/linux.mk index b9f2052ee7..bf0381f44a 100644 --- a/linux/linux.mk +++ b/linux/linux.mk @@ -12,6 +12,8 @@ LINUX_LICENSE_FILES = \ LICENSES/preferred/GPL-2.0 \ LICENSES/exceptions/Linux-syscall-note endif +LINUX_CPE_ID_VENDOR = $(LINUX_NAME) +LINUX_CPE_ID_NAME = $(LINUX_NAME)_kernel define LINUX_HELP_CMDS @echo ' linux-menuconfig - Run Linux kernel menuconfig' diff --git a/package/Makefile.in b/package/Makefile.in index 51f5cbce4f..f66f7041ee 100644 --- a/package/Makefile.in +++ b/package/Makefile.in @@ -373,6 +373,10 @@ TARGET_CONFIGURE_ARGS = \ ################################################################################ +CPE_PREFIX_OS = cpe:2.3:o +CPE_PREFIX_APP = cpe:2.3:a +CPE_SUFFIX = *:*:*:*:*:* + ifeq ($(BR2_SYSTEM_ENABLE_NLS),y) NLS_OPTS = --enable-nls TARGET_NLS_DEPENDENCIES = host-gettext diff --git a/package/audit/audit.mk b/package/audit/audit.mk index 652e0fcd56..a20767d24b 100644 --- a/package/audit/audit.mk +++ b/package/audit/audit.mk @@ -10,6 +10,8 @@ AUDIT_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries) AUDIT_LICENSE_FILES = COPYING COPYING.LIB # 0002-Add-substitue-functions-for-strndupa-rawmemchr.patch AUDIT_AUTORECONF = YES +AUDIT_CPE_ID_VENDOR = linux_audit_project +AUDIT_CPE_ID_NAME = linux_audit AUDIT_INSTALL_STAGING = YES diff --git a/package/aufs/aufs.mk b/package/aufs/aufs.mk index 4e95a350a0..495e94e606 100644 --- a/package/aufs/aufs.mk +++ b/package/aufs/aufs.mk @@ -7,6 +7,7 @@ AUFS_VERSION = $(call qstrip,$(BR2_PACKAGE_AUFS_VERSION)) AUFS_LICENSE = GPL-2.0 AUFS_LICENSE_FILES = COPYING +AUFS_CPE_ID_VERSION = 4.1 ifeq ($(BR2_PACKAGE_AUFS_SERIES),3) AUFS_SITE = http://git.code.sf.net/p/aufs/aufs3-standalone diff --git a/package/bash/bash.mk b/package/bash/bash.mk index 1843862e49..b4681c1085 100644 --- a/package/bash/bash.mk +++ b/package/bash/bash.mk @@ -10,6 +10,7 @@ BASH_DEPENDENCIES = ncurses readline host-bison BASH_CONF_OPTS = --with-installed-readline --without-bash-malloc BASH_LICENSE = GPL-3.0+ BASH_LICENSE_FILES = COPYING +BASH_CPE_ID_VENDOR = gnu BASH_CONF_ENV += \ ac_cv_rl_prefix="$(STAGING_DIR)" \ diff --git a/package/bc/bc.mk b/package/bc/bc.mk index fdfacb6c89..06b6feae4f 100644 --- a/package/bc/bc.mk +++ b/package/bc/bc.mk @@ -9,6 +9,7 @@ BC_SITE = http://ftp.gnu.org/gnu/bc BC_DEPENDENCIES = host-flex BC_LICENSE = GPL-2.0+, LGPL-2.1+ BC_LICENSE_FILES = COPYING COPYING.LIB +BC_CPE_ID_VENDOR = gnu BC_CONF_ENV = MAKEINFO=true # 0001-bc-use-MAKEINFO-variable-for-docs.patch and 0004-no-gen-libmath.patch diff --git a/package/bind/bind.mk b/package/bind/bind.mk index 362a26dce6..806ece6ccd 100644 --- a/package/bind/bind.mk +++ b/package/bind/bind.mk @@ -12,6 +12,7 @@ BIND_INSTALL_STAGING = YES BIND_CONFIG_SCRIPTS = bind9-config isc-config.sh BIND_LICENSE = MPL-2.0 BIND_LICENSE_FILES = COPYRIGHT +BIND_CPE_ID_VENDOR = isc BIND_TARGET_SERVER_SBIN = arpaname ddns-confgen dnssec-checkds dnssec-coverage BIND_TARGET_SERVER_SBIN += dnssec-importkey dnssec-keygen dnssec-revoke BIND_TARGET_SERVER_SBIN += dnssec-settime dnssec-verify genrandom diff --git a/package/boost/boost.mk b/package/boost/boost.mk index 2daf7f5a96..73f8e71143 100644 --- a/package/boost/boost.mk +++ b/package/boost/boost.mk @@ -10,6 +10,7 @@ BOOST_SITE = https://dl.bintray.com/boostorg/release/$(BOOST_VERSION)/source BOOST_INSTALL_STAGING = YES BOOST_LICENSE = BSL-1.0 BOOST_LICENSE_FILES = LICENSE_1_0.txt +BOOST_CPE_ID_VENDOR = $(BOOST_NAME) # CVE-2009-3654 is misclassified (by our CVE tracker) as affecting to boost, # while in fact it affects Drupal (a module called boost in there). diff --git a/package/bridge-utils/bridge-utils.mk b/package/bridge-utils/bridge-utils.mk index 2519227471..288de8c373 100644 --- a/package/bridge-utils/bridge-utils.mk +++ b/package/bridge-utils/bridge-utils.mk @@ -10,6 +10,7 @@ BRIDGE_UTILS_SOURCE = bridge-utils-1.6.tar.xz BRIDGE_UTILS_AUTORECONF = YES BRIDGE_UTILS_LICENSE = GPL-2.0+ BRIDGE_UTILS_LICENSE_FILES = COPYING +BRIDGE_UTILS_CPE_ID_VENDOR = kernel # Avoid using the host's headers. Location is not important as # required headers will anyway be found from within the sysroot. diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk index 24f3ba3b19..eae8aa3276 100644 --- a/package/busybox/busybox.mk +++ b/package/busybox/busybox.mk @@ -9,6 +9,7 @@ BUSYBOX_SITE = http://www.busybox.net/downloads BUSYBOX_SOURCE = busybox-$(BUSYBOX_VERSION).tar.bz2 BUSYBOX_LICENSE = GPL-2.0 BUSYBOX_LICENSE_FILES = LICENSE +BUSYBOX_CPE_ID_VENDOR = $(BUSYBOX_NAME) define BUSYBOX_HELP_CMDS @echo ' busybox-menuconfig - Run BusyBox menuconfig' diff --git a/package/bzip2/bzip2.mk b/package/bzip2/bzip2.mk index b4d8eea25e..c2e5f7610e 100644 --- a/package/bzip2/bzip2.mk +++ b/package/bzip2/bzip2.mk @@ -9,6 +9,7 @@ BZIP2_SITE = https://sourceware.org/pub/bzip2 BZIP2_INSTALL_STAGING = YES BZIP2_LICENSE = bzip2 license BZIP2_LICENSE_FILES = LICENSE +BZIP2_CPE_ID_VENDOR = bzip ifeq ($(BR2_STATIC_LIBS),) define BZIP2_BUILD_SHARED_CMDS diff --git a/package/clang/clang.mk b/package/clang/clang.mk index d740af5322..672c9fb3fa 100644 --- a/package/clang/clang.mk +++ b/package/clang/clang.mk @@ -10,6 +10,7 @@ CLANG_SITE = https://github.com/llvm/llvm-project/releases/download/llvmorg-$(CL CLANG_SOURCE = clang-$(CLANG_VERSION).src.tar.xz CLANG_LICENSE = Apache-2.0 with exceptions CLANG_LICENSE_FILES = LICENSE.TXT +CLANG_CVE_ID_VENDOR = llvm CLANG_SUPPORTS_IN_SOURCE_BUILD = NO CLANG_INSTALL_STAGING = YES diff --git a/package/collectd/collectd.mk b/package/collectd/collectd.mk index 24cdad7e1b..18c69369c6 100644 --- a/package/collectd/collectd.mk +++ b/package/collectd/collectd.mk @@ -12,6 +12,7 @@ COLLECTD_CONF_ENV = ac_cv_lib_yajl_yajl_alloc=yes COLLECTD_INSTALL_STAGING = YES COLLECTD_LICENSE = MIT (daemon, plugins), GPL-2.0 (plugins), LGPL-2.1 (plugins) COLLECTD_LICENSE_FILES = COPYING +COLLECTD_CPE_ID_VENDOR = $(COLLECTD_NAME) # These require unmet dependencies, are fringe, pointless or deprecated COLLECTD_PLUGINS_DISABLE = \ diff --git a/package/conntrack-tools/conntrack-tools.mk b/package/conntrack-tools/conntrack-tools.mk index 145b6d785f..55ea407924 100644 --- a/package/conntrack-tools/conntrack-tools.mk +++ b/package/conntrack-tools/conntrack-tools.mk @@ -12,6 +12,7 @@ CONNTRACK_TOOLS_DEPENDENCIES = host-pkgconf \ libnetfilter_queue host-bison host-flex CONNTRACK_TOOLS_LICENSE = GPL-2.0+ CONNTRACK_TOOLS_LICENSE_FILES = COPYING +CONNTRACK_TOOLS_CPE_ID_VENDOR = netfilter CONNTRACK_TOOLS_CFLAGS = $(TARGET_CFLAGS) diff --git a/package/coreutils/coreutils.mk b/package/coreutils/coreutils.mk index 3866b76243..18e9052dfd 100644 --- a/package/coreutils/coreutils.mk +++ b/package/coreutils/coreutils.mk @@ -9,6 +9,7 @@ COREUTILS_SITE = $(BR2_GNU_MIRROR)/coreutils COREUTILS_SOURCE = coreutils-$(COREUTILS_VERSION).tar.xz COREUTILS_LICENSE = GPL-3.0+ COREUTILS_LICENSE_FILES = COPYING +COREUTILS_CPE_ID_VENDOR = gnu COREUTILS_CONF_OPTS = --disable-rpath \ $(if $(BR2_TOOLCHAIN_USES_MUSL),--with-included-regex) diff --git a/package/crda/crda.mk b/package/crda/crda.mk index c5880797be..31a64d004b 100644 --- a/package/crda/crda.mk +++ b/package/crda/crda.mk @@ -9,6 +9,7 @@ CRDA_SITE = https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/crda.git/snap CRDA_DEPENDENCIES = host-pkgconf host-python-pycryptodomex libnl libgcrypt CRDA_LICENSE = ISC CRDA_LICENSE_FILES = LICENSE +CRDA_CPE_ID_VENDOR = kernel define CRDA_BUILD_CMDS $(TARGET_CONFIGURE_OPTS) \ diff --git a/package/davici/davici.mk b/package/davici/davici.mk index 5c08bbe0da..6c8df48b6a 100644 --- a/package/davici/davici.mk +++ b/package/davici/davici.mk @@ -8,6 +8,7 @@ DAVICI_VERSION = 1.3 DAVICI_SITE = $(call github,strongswan,davici,v$(DAVICI_VERSION)) DAVICI_LICENSE = LGPL-2.1+ DAVICI_LICENSE_FILES = COPYING +DAVICI_CPE_ID_VENDOR = strongswan DAVICI_DEPENDENCIES = strongswan DAVICI_INSTALL_STAGING = YES DAVICI_AUTORECONF = YES diff --git a/package/dbus-glib/dbus-glib.mk b/package/dbus-glib/dbus-glib.mk index 372942e1c3..5eb158d954 100644 --- a/package/dbus-glib/dbus-glib.mk +++ b/package/dbus-glib/dbus-glib.mk @@ -9,6 +9,7 @@ DBUS_GLIB_SITE = http://dbus.freedesktop.org/releases/dbus-glib DBUS_GLIB_INSTALL_STAGING = YES DBUS_GLIB_LICENSE = AFL-2.1 or GPL-2.0+ DBUS_GLIB_LICENSE_FILES = COPYING +DBUS_GLIB_CPE_ID_VENDOR = freedesktop DBUS_GLIB_CONF_ENV = \ ac_cv_have_abstract_sockets=yes \ diff --git a/package/dbus/dbus.mk b/package/dbus/dbus.mk index a4043864d1..958f28c60b 100644 --- a/package/dbus/dbus.mk +++ b/package/dbus/dbus.mk @@ -8,6 +8,8 @@ DBUS_VERSION = 1.12.16 DBUS_SITE = https://dbus.freedesktop.org/releases/dbus DBUS_LICENSE = AFL-2.1 or GPL-2.0+ (library, tools), GPL-2.0+ (tools) DBUS_LICENSE_FILES = COPYING +DBUS_CPE_ID_VENDOR = d-bus_project +DBUS_CPE_ID_NAME = d-bus DBUS_INSTALL_STAGING = YES define DBUS_PERMISSIONS diff --git a/package/dhcp/dhcp.mk b/package/dhcp/dhcp.mk index ad59804d3b..988c7792dc 100644 --- a/package/dhcp/dhcp.mk +++ b/package/dhcp/dhcp.mk @@ -10,6 +10,7 @@ DHCP_INSTALL_STAGING = YES DHCP_LICENSE = MPL-2.0 DHCP_LICENSE_FILES = LICENSE DHCP_DEPENDENCIES = bind +DHCP_CPE_ID_VENDOR = isc # use libtool-enabled configure.ac define DHCP_LIBTOOL_AUTORECONF diff --git a/package/dnsmasq/dnsmasq.mk b/package/dnsmasq/dnsmasq.mk index 4a7218a2b7..e0e8bed5aa 100644 --- a/package/dnsmasq/dnsmasq.mk +++ b/package/dnsmasq/dnsmasq.mk @@ -14,6 +14,7 @@ DNSMASQ_MAKE_OPTS += DESTDIR=$(TARGET_DIR) LDFLAGS="$(TARGET_LDFLAGS)" \ DNSMASQ_DEPENDENCIES = host-pkgconf $(TARGET_NLS_DEPENDENCIES) DNSMASQ_LICENSE = GPL-2.0 or GPL-3.0 DNSMASQ_LICENSE_FILES = COPYING COPYING-v3 +DNSMASQ_CPE_ID_VENDOR = thekelleys DNSMASQ_I18N = $(if $(BR2_SYSTEM_ENABLE_NLS),-i18n) diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk index 1070a410b9..72c6928c7a 100644 --- a/package/dropbear/dropbear.mk +++ b/package/dropbear/dropbear.mk @@ -11,6 +11,8 @@ DROPBEAR_LICENSE = MIT, BSD-2-Clause, BSD-3-Clause DROPBEAR_LICENSE_FILES = LICENSE DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS) +DROPBEAR_CPE_ID_VENDOR = $(DROPBEAR_NAME)_ssh_project +DROPBEAR_CPE_ID_NAME = $(DROPBEAR_NAME)_ssh # Disable hardening flags added by dropbear configure.ac, and let # Buildroot add them when the relevant options are enabled. This diff --git a/package/ebtables/ebtables.mk b/package/ebtables/ebtables.mk index 117cd5e99e..2f1e291c03 100644 --- a/package/ebtables/ebtables.mk +++ b/package/ebtables/ebtables.mk @@ -9,6 +9,7 @@ EBTABLES_SOURCE = ebtables-v$(EBTABLES_VERSION).tar.gz EBTABLES_SITE = http://ftp.netfilter.org/pub/ebtables EBTABLES_LICENSE = GPL-2.0+ EBTABLES_LICENSE_FILES = COPYING +EBTABLES_CVE_ID_VENDOR = netfilter EBTABLES_STATIC = $(if $(BR2_STATIC_LIBS),static) EBTABLES_K64U32 = $(if $(BR2_KERNEL_64_USERLAND_32),-DKERNEL_64_USERSPACE_32) diff --git a/package/ethtool/ethtool.mk b/package/ethtool/ethtool.mk index ce4f2d862d..759d7d6fb6 100644 --- a/package/ethtool/ethtool.mk +++ b/package/ethtool/ethtool.mk @@ -9,6 +9,7 @@ ETHTOOL_SOURCE = ethtool-$(ETHTOOL_VERSION).tar.xz ETHTOOL_SITE = $(BR2_KERNEL_MIRROR)/software/network/ethtool ETHTOOL_LICENSE = GPL-2.0 ETHTOOL_LICENSE_FILES = LICENSE COPYING +ETHTOOL_CPE_ID_VENDOR = kernel ETHTOOL_CONF_OPTS = \ $(if $(BR2_PACKAGE_ETHTOOL_PRETTY_PRINT),--enable-pretty-dump,--disable-pretty-dump) diff --git a/package/expat/expat.mk b/package/expat/expat.mk index 38e5dee75d..af3088b80c 100644 --- a/package/expat/expat.mk +++ b/package/expat/expat.mk @@ -12,6 +12,7 @@ EXPAT_DEPENDENCIES = host-pkgconf HOST_EXPAT_DEPENDENCIES = host-pkgconf EXPAT_LICENSE = MIT EXPAT_LICENSE_FILES = COPYING +EXPAT_CPE_ID_VENDOR = libexpat EXPAT_CONF_OPTS = --without-docbook HOST_EXPAT_CONF_OPTS = --without-docbook diff --git a/package/gdb/gdb.mk b/package/gdb/gdb.mk index 8c74a0e2f6..ea4ec7bdc6 100644 --- a/package/gdb/gdb.mk +++ b/package/gdb/gdb.mk @@ -22,6 +22,7 @@ endif GDB_LICENSE = GPL-2.0+, LGPL-2.0+, GPL-3.0+, LGPL-3.0+ GDB_LICENSE_FILES = COPYING COPYING.LIB COPYING3 COPYING3.LIB +GDB_CPE_ID_VENDOR = gnu # We only want gdbserver and not the entire debugger. ifeq ($(BR2_PACKAGE_GDB_DEBUGGER),) diff --git a/package/gesftpserver/gesftpserver.mk b/package/gesftpserver/gesftpserver.mk index ff7ce768ae..07718a4c42 100644 --- a/package/gesftpserver/gesftpserver.mk +++ b/package/gesftpserver/gesftpserver.mk @@ -12,6 +12,8 @@ GESFTPSERVER_LICENSE_FILES = COPYING # "Missing prototype" warning treated as error GESFTPSERVER_CONF_OPTS = --disable-warnings-as-errors +GESFTPSERVER_CPE_ID_VENDOR = green_end +GESFTPSERVER_CPE_ID_NAME = sftpserver # forgets to link against pthread when cross compiling GESFTPSERVER_CONF_ENV = LIBS=-lpthread diff --git a/package/glibc/glibc.mk b/package/glibc/glibc.mk index 4621c9c2f9..81be3435b5 100644 --- a/package/glibc/glibc.mk +++ b/package/glibc/glibc.mk @@ -29,6 +29,7 @@ endif GLIBC_LICENSE = GPL-2.0+ (programs), LGPL-2.1+, BSD-3-Clause, MIT (library) GLIBC_LICENSE_FILES = COPYING COPYING.LIB LICENSES +GLIBC_CPE_ID_VENDOR = gnu # glibc is part of the toolchain so disable the toolchain dependency GLIBC_ADD_TOOLCHAIN_DEPENDENCY = NO diff --git a/package/gmp/gmp.mk b/package/gmp/gmp.mk index d124463a98..a79d5b7d9a 100644 --- a/package/gmp/gmp.mk +++ b/package/gmp/gmp.mk @@ -10,6 +10,7 @@ GMP_SOURCE = gmp-$(GMP_VERSION).tar.xz GMP_INSTALL_STAGING = YES GMP_LICENSE = LGPL-3.0+ or GPL-2.0+ GMP_LICENSE_FILES = COPYING.LESSERv3 COPYINGv2 +GMP_CPE_ID_VENDOR = gmplib GMP_DEPENDENCIES = host-m4 HOST_GMP_DEPENDENCIES = host-m4 diff --git a/package/gnupg/gnupg.mk b/package/gnupg/gnupg.mk index 617def884e..ba424fed96 100644 --- a/package/gnupg/gnupg.mk +++ b/package/gnupg/gnupg.mk @@ -10,6 +10,7 @@ GNUPG_SITE = https://gnupg.org/ftp/gcrypt/gnupg GNUPG_LICENSE = GPL-3.0+ GNUPG_LICENSE_FILES = COPYING GNUPG_DEPENDENCIES = zlib $(if $(BR2_PACKAGE_LIBICONV),libiconv) +GNUPG_CPE_ID_VENDOR = $(GNUPG_NAME) GNUPG_CONF_ENV = ac_cv_sys_symbol_underscore=no GNUPG_CONF_OPTS = \ --disable-rpath \ diff --git a/package/gnutls/gnutls.mk b/package/gnutls/gnutls.mk index a1dfce62a2..1e98746441 100644 --- a/package/gnutls/gnutls.mk +++ b/package/gnutls/gnutls.mk @@ -17,6 +17,7 @@ GNUTLS_LICENSE_FILES += doc/COPYING endif GNUTLS_DEPENDENCIES = host-pkgconf libtasn1 nettle pcre +GNUTLS_CPE_ID_VENDOR = gnu GNUTLS_CONF_OPTS = \ --disable-doc \ --disable-guile \ diff --git a/package/grep/grep.mk b/package/grep/grep.mk index ef1bbb4487..204c74f3b8 100644 --- a/package/grep/grep.mk +++ b/package/grep/grep.mk @@ -9,6 +9,7 @@ GREP_SITE = $(BR2_GNU_MIRROR)/grep GREP_SOURCE = grep-$(GREP_VERSION).tar.xz GREP_LICENSE = GPL-3.0+ GREP_LICENSE_FILES = COPYING +GREP_CPE_ID_VENDOR = gnu GREP_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) # install into /bin like busybox grep GREP_CONF_OPTS = --exec-prefix=/ diff --git a/package/gtest/gtest.mk b/package/gtest/gtest.mk index 7f967b8bfb..fc51d9f7a2 100644 --- a/package/gtest/gtest.mk +++ b/package/gtest/gtest.mk @@ -10,6 +10,8 @@ GTEST_INSTALL_STAGING = YES GTEST_INSTALL_TARGET = NO GTEST_LICENSE = BSD-3-Clause GTEST_LICENSE_FILES = googletest/LICENSE +GTEST_CPE_ID_VENDOR = google +GTEST_CPE_ID_NAME = google_test ifeq ($(BR2_PACKAGE_GTEST_GMOCK),y) GTEST_DEPENDENCIES += host-gtest diff --git a/package/gzip/gzip.mk b/package/gzip/gzip.mk index 17b27b497c..c8fd3ddb7a 100644 --- a/package/gzip/gzip.mk +++ b/package/gzip/gzip.mk @@ -11,6 +11,7 @@ GZIP_SITE = $(BR2_GNU_MIRROR)/gzip GZIP_CONF_OPTS = --exec-prefix=/ GZIP_LICENSE = GPL-3.0+ GZIP_LICENSE_FILES = COPYING +GZIP_CPE_ID_VENDOR = gnu GZIP_CONF_ENV += gl_cv_func_fflush_stdin=yes HOST_GZIP_CONF_ENV += gl_cv_func_fflush_stdin=yes # configure substitutes $(SHELL) for the shell shebang in scripts like diff --git a/package/hostapd/hostapd.mk b/package/hostapd/hostapd.mk index b94a0e4578..61576c9323 100644 --- a/package/hostapd/hostapd.mk +++ b/package/hostapd/hostapd.mk @@ -16,6 +16,7 @@ HOSTAPD_LICENSE_FILES = README # 0001-AP-Silently-ignore-management-frame-from-unexpected-.patch HOSTAPD_IGNORE_CVES += CVE-2019-16275 +HOSTAPD_CPE_ID_VENDOR = w1.fi HOSTAPD_CONFIG_SET = HOSTAPD_CONFIG_ENABLE = \ diff --git a/package/ifupdown/ifupdown.mk b/package/ifupdown/ifupdown.mk index 84d24aedab..e62c2a79c5 100644 --- a/package/ifupdown/ifupdown.mk +++ b/package/ifupdown/ifupdown.mk @@ -9,6 +9,7 @@ IFUPDOWN_SOURCE = ifupdown_$(IFUPDOWN_VERSION).tar.xz IFUPDOWN_SITE = http://snapshot.debian.org/archive/debian/20160922T165503Z/pool/main/i/ifupdown IFUPDOWN_LICENSE = GPL-2.0+ IFUPDOWN_LICENSE_FILES = COPYING +IFUPDOWN_CPE_ID_VENDOR = debian define IFUPDOWN_BUILD_CMDS $(TARGET_MAKE_ENV) $(MAKE) $(TARGET_CONFIGURE_OPTS) \ diff --git a/package/iperf/iperf.mk b/package/iperf/iperf.mk index 7088b0f152..f1e65e7545 100644 --- a/package/iperf/iperf.mk +++ b/package/iperf/iperf.mk @@ -8,6 +8,8 @@ IPERF_VERSION = 2.0.13 IPERF_SITE = http://downloads.sourceforge.net/project/iperf2 IPERF_LICENSE = MIT-like IPERF_LICENSE_FILES = COPYING +IPERF_CPE_ID_VENDOR = $(IPERF_NAME)2_project +IPERF_CPE_ID_NAME = $(IPERF_NAME)2 IPERF_CONF_OPTS = \ --disable-web100 diff --git a/package/iperf3/iperf3.mk b/package/iperf3/iperf3.mk index 3537b23824..d29eb8505e 100644 --- a/package/iperf3/iperf3.mk +++ b/package/iperf3/iperf3.mk @@ -9,6 +9,7 @@ IPERF3_SITE = https://downloads.es.net/pub/iperf IPERF3_SOURCE = iperf-$(IPERF3_VERSION).tar.gz IPERF3_LICENSE = BSD-3-Clause, BSD-2-Clause, MIT IPERF3_LICENSE_FILES = LICENSE +IPERF3_CPE_ID_VENDOR = es IPERF3_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -D_GNU_SOURCE" diff --git a/package/ipset/ipset.mk b/package/ipset/ipset.mk index 869763d322..cea3ee0e05 100644 --- a/package/ipset/ipset.mk +++ b/package/ipset/ipset.mk @@ -11,6 +11,7 @@ IPSET_DEPENDENCIES = libmnl host-pkgconf IPSET_CONF_OPTS = --with-kmod=no IPSET_LICENSE = GPL-2.0 IPSET_LICENSE_FILES = COPYING +IPSET_CPE_ID_VENDOR = netfilter IPSET_INSTALL_STAGING = YES $(eval $(autotools-package)) diff --git a/package/iptables/iptables.mk b/package/iptables/iptables.mk index 7b964aaf41..f4ddbcefd8 100644 --- a/package/iptables/iptables.mk +++ b/package/iptables/iptables.mk @@ -12,6 +12,7 @@ IPTABLES_DEPENDENCIES = host-pkgconf \ $(if $(BR2_PACKAGE_LIBNETFILTER_CONNTRACK),libnetfilter_conntrack) IPTABLES_LICENSE = GPL-2.0 IPTABLES_LICENSE_FILES = COPYING +IPTABLES_CPE_ID_VENDOR = netfilter # Building static causes ugly warnings on some plugins IPTABLES_CONF_OPTS = --libexecdir=/usr/lib --with-kernel=$(STAGING_DIR)/usr \ $(if $(BR2_STATIC_LIBS),,--disable-static) diff --git a/package/iw/iw.mk b/package/iw/iw.mk index 2250ea413b..a232cc8baa 100644 --- a/package/iw/iw.mk +++ b/package/iw/iw.mk @@ -9,6 +9,7 @@ IW_SOURCE = iw-$(IW_VERSION).tar.xz IW_SITE = $(BR2_KERNEL_MIRROR)/software/network/iw IW_LICENSE = ISC IW_LICENSE_FILES = COPYING +IW_CPE_ID_VENDOR = kernel IW_DEPENDENCIES = host-pkgconf libnl IW_MAKE_ENV = \ $(TARGET_MAKE_ENV) \ diff --git a/package/kmod/kmod.mk b/package/kmod/kmod.mk index 0a79b2cf4d..c44764ea18 100644 --- a/package/kmod/kmod.mk +++ b/package/kmod/kmod.mk @@ -15,6 +15,8 @@ HOST_KMOD_DEPENDENCIES = host-pkgconf KMOD_LICENSE = LGPL-2.1+ (library) KMOD_LICENSE_FILES = libkmod/COPYING +KMOD_CPE_ID_VENDOR = kernel + # --gc-sections triggers binutils ld segfault # https://sourceware.org/bugzilla/show_bug.cgi?id=21180 ifeq ($(BR2_microblaze),y) diff --git a/package/libarchive/libarchive.mk b/package/libarchive/libarchive.mk index 4aabbea560..366af22487 100644 --- a/package/libarchive/libarchive.mk +++ b/package/libarchive/libarchive.mk @@ -9,6 +9,7 @@ LIBARCHIVE_SITE = https://www.libarchive.de/downloads LIBARCHIVE_INSTALL_STAGING = YES LIBARCHIVE_LICENSE = BSD-2-Clause, BSD-3-Clause, CC0-1.0, OpenSSL, Apache-2.0 LIBARCHIVE_LICENSE_FILES = COPYING +LIBARCHIVE_CPE_ID_VENDOR = $(LIBARCHIVE_NAME) ifeq ($(BR2_PACKAGE_LIBARCHIVE_BSDTAR),y) ifeq ($(BR2_STATIC_LIBS),y) diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk index 7a29634c68..36687bb57d 100644 --- a/package/libcurl/libcurl.mk +++ b/package/libcurl/libcurl.mk @@ -12,6 +12,8 @@ LIBCURL_DEPENDENCIES = host-pkgconf \ $(if $(BR2_PACKAGE_RTMPDUMP),rtmpdump) LIBCURL_LICENSE = curl LIBCURL_LICENSE_FILES = COPYING +LIBCURL_CPE_ID_VENDOR = haxx +LIBCURL_CPE_ID_NAME = libcurl LIBCURL_INSTALL_STAGING = YES # We disable NTLM support because it uses fork(), which doesn't work diff --git a/package/libestr/libestr.mk b/package/libestr/libestr.mk index 30960f7257..6ce22efae2 100644 --- a/package/libestr/libestr.mk +++ b/package/libestr/libestr.mk @@ -8,6 +8,7 @@ LIBESTR_VERSION = 0.1.11 LIBESTR_SITE = http://libestr.adiscon.com/files/download LIBESTR_LICENSE = LGPL-2.1+ LIBESTR_LICENSE_FILES = COPYING +LIBESTR_CPE_ID_VENDOR = adiscon LIBESTR_INSTALL_STAGING = YES $(eval $(autotools-package)) diff --git a/package/libfastjson/libfastjson.mk b/package/libfastjson/libfastjson.mk index ecca72f56c..37dbd7e03e 100644 --- a/package/libfastjson/libfastjson.mk +++ b/package/libfastjson/libfastjson.mk @@ -12,5 +12,6 @@ LIBFASTJSON_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99' LIBFASTJSON_AUTORECONF = YES LIBFASTJSON_LICENSE = MIT LIBFASTJSON_LICENSE_FILES = COPYING +LIBFASTJSON_CPE_ID_VENDOR = rsyslog $(eval $(autotools-package)) diff --git a/package/libfcgi/libfcgi.mk b/package/libfcgi/libfcgi.mk index c158df2395..c40d9c5970 100644 --- a/package/libfcgi/libfcgi.mk +++ b/package/libfcgi/libfcgi.mk @@ -8,6 +8,8 @@ LIBFCGI_VERSION = 2.4.2 LIBFCGI_SITE = $(call github,FastCGI-Archives,fcgi2,$(LIBFCGI_VERSION)) LIBFCGI_LICENSE = OML LIBFCGI_LICENSE_FILES = LICENSE.TERMS +LIBFCGI_CPE_ID_VENDOR = fastcgi +LIBFCGI_CPE_ID_NAME = fcgi LIBFCGI_INSTALL_STAGING = YES LIBFCGI_AUTORECONF = YES diff --git a/package/libffi/libffi.mk b/package/libffi/libffi.mk index 722a03dca0..e87a024040 100644 --- a/package/libffi/libffi.mk +++ b/package/libffi/libffi.mk @@ -6,6 +6,8 @@ LIBFFI_VERSION = 3.3 LIBFFI_SITE = $(call github,libffi,libffi,v$(LIBFFI_VERSION)) +LIBFFI_CPE_ID_VERSION = 3.3 +LIBFFI_CPE_ID_VERSION_MINOR = rc0 LIBFFI_LICENSE = MIT LIBFFI_LICENSE_FILES = LICENSE LIBFFI_INSTALL_STAGING = YES diff --git a/package/libgcrypt/libgcrypt.mk b/package/libgcrypt/libgcrypt.mk index d21513bd39..12fdcab422 100644 --- a/package/libgcrypt/libgcrypt.mk +++ b/package/libgcrypt/libgcrypt.mk @@ -12,6 +12,7 @@ LIBGCRYPT_SITE = https://gnupg.org/ftp/gcrypt/libgcrypt LIBGCRYPT_INSTALL_STAGING = YES LIBGCRYPT_DEPENDENCIES = libgpg-error LIBGCRYPT_CONFIG_SCRIPTS = libgcrypt-config +LIBGCRYPT_CPE_ID_VENDOR = gnupg # Patching acinclude.m4 in 0001 # Patching configure.ac and Makefile.am in 0002 diff --git a/package/libglib2/libglib2.mk b/package/libglib2/libglib2.mk index 7106124d72..8eea7e96e4 100644 --- a/package/libglib2/libglib2.mk +++ b/package/libglib2/libglib2.mk @@ -10,6 +10,8 @@ LIBGLIB2_SOURCE = glib-$(LIBGLIB2_VERSION).tar.xz LIBGLIB2_SITE = http://ftp.gnome.org/pub/gnome/sources/glib/$(LIBGLIB2_VERSION_MAJOR) LIBGLIB2_LICENSE = LGPL-2.1+ LIBGLIB2_LICENSE_FILES = COPYING +LIBGLIB2_CPE_ID_VENDOR = gnome +LIBGLIB2_CPE_ID_NAME = glib LIBGLIB2_INSTALL_STAGING = YES LIBGLIB2_CFLAGS = $(TARGET_CFLAGS) diff --git a/package/libgpg-error/libgpg-error.mk b/package/libgpg-error/libgpg-error.mk index 6281faa662..05c7f710f2 100644 --- a/package/libgpg-error/libgpg-error.mk +++ b/package/libgpg-error/libgpg-error.mk @@ -9,6 +9,7 @@ LIBGPG_ERROR_SITE = https://www.gnupg.org/ftp/gcrypt/libgpg-error LIBGPG_ERROR_SOURCE = libgpg-error-$(LIBGPG_ERROR_VERSION).tar.bz2 LIBGPG_ERROR_LICENSE = GPL-2.0+, LGPL-2.1+ LIBGPG_ERROR_LICENSE_FILES = COPYING COPYING.LIB +LIBGPG_ERROR_CPE_ID_VENDOR = gnupg LIBGPG_ERROR_INSTALL_STAGING = YES LIBGPG_ERROR_CONFIG_SCRIPTS = gpg-error-config LIBGPG_ERROR_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) diff --git a/package/liblogging/liblogging.mk b/package/liblogging/liblogging.mk index c756891a86..24375b56b4 100644 --- a/package/liblogging/liblogging.mk +++ b/package/liblogging/liblogging.mk @@ -8,6 +8,7 @@ LIBLOGGING_VERSION = 1.0.6 LIBLOGGING_SITE = http://download.rsyslog.com/liblogging LIBLOGGING_LICENSE = BSD-2-Clause LIBLOGGING_LICENSE_FILES = COPYING +LIBLOGGING_CPE_ID_VENDOR = adiscon LIBLOGGING_INSTALL_STAGING = YES LIBLOGGING_CONF_OPTS = --enable-cached-man-pages diff --git a/package/libmbim/libmbim.mk b/package/libmbim/libmbim.mk index 67cfd2bc0b..c61315ea68 100644 --- a/package/libmbim/libmbim.mk +++ b/package/libmbim/libmbim.mk @@ -9,6 +9,7 @@ LIBMBIM_SITE = https://www.freedesktop.org/software/libmbim LIBMBIM_SOURCE = libmbim-$(LIBMBIM_VERSION).tar.xz LIBMBIM_LICENSE = LGPL-2.0+ (library), GPL-2.0+ (programs) LIBMBIM_LICENSE_FILES = COPYING COPYING.LIB +LIBMBIM_CPE_ID_VENDOR = freedesktop LIBMBIM_INSTALL_STAGING = YES LIBMBIM_DEPENDENCIES = libglib2 diff --git a/package/libmnl/libmnl.mk b/package/libmnl/libmnl.mk index 7fcce4c21f..d3b33db2e0 100644 --- a/package/libmnl/libmnl.mk +++ b/package/libmnl/libmnl.mk @@ -10,5 +10,6 @@ LIBMNL_SITE = http://netfilter.org/projects/libmnl/files LIBMNL_INSTALL_STAGING = YES LIBMNL_LICENSE = LGPL-2.1+ LIBMNL_LICENSE_FILES = COPYING +LIBMNL_CPE_ID_VENDOR = netfilter $(eval $(autotools-package)) diff --git a/package/libnetfilter_conntrack/libnetfilter_conntrack.mk b/package/libnetfilter_conntrack/libnetfilter_conntrack.mk index 8beefefb51..0a5a94be8f 100644 --- a/package/libnetfilter_conntrack/libnetfilter_conntrack.mk +++ b/package/libnetfilter_conntrack/libnetfilter_conntrack.mk @@ -11,5 +11,6 @@ LIBNETFILTER_CONNTRACK_INSTALL_STAGING = YES LIBNETFILTER_CONNTRACK_DEPENDENCIES = host-pkgconf libnfnetlink libmnl LIBNETFILTER_CONNTRACK_LICENSE = GPL-2.0+ LIBNETFILTER_CONNTRACK_LICENSE_FILES = COPYING +LIBNETFILTER_CONNTRACK_CPE_ID_VENDOR = netfilter $(eval $(autotools-package)) diff --git a/package/libnetfilter_cthelper/libnetfilter_cthelper.mk b/package/libnetfilter_cthelper/libnetfilter_cthelper.mk index 61d6acd07c..d74ea4d0fd 100644 --- a/package/libnetfilter_cthelper/libnetfilter_cthelper.mk +++ b/package/libnetfilter_cthelper/libnetfilter_cthelper.mk @@ -12,5 +12,6 @@ LIBNETFILTER_CTHELPER_DEPENDENCIES = host-pkgconf libmnl LIBNETFILTER_CTHELPER_AUTORECONF = YES LIBNETFILTER_CTHELPER_LICENSE = GPL-2.0+ LIBNETFILTER_CTHELPER_LICENSE_FILES = COPYING +LIBNETFILTER_CTHELPER_CPE_ID_VENDOR = netfilter $(eval $(autotools-package)) diff --git a/package/libnetfilter_cttimeout/libnetfilter_cttimeout.mk b/package/libnetfilter_cttimeout/libnetfilter_cttimeout.mk index 9c4c951687..f5c5067b64 100644 --- a/package/libnetfilter_cttimeout/libnetfilter_cttimeout.mk +++ b/package/libnetfilter_cttimeout/libnetfilter_cttimeout.mk @@ -12,5 +12,6 @@ LIBNETFILTER_CTTIMEOUT_DEPENDENCIES = host-pkgconf libmnl LIBNETFILTER_CTTIMEOUT_AUTORECONF = YES LIBNETFILTER_CTTIMEOUT_LICENSE = GPL-2.0+ LIBNETFILTER_CTTIMEOUT_LICENSE_FILES = COPYING +LIBNETFILTER_CTTIMEOUT_CPE_ID_VENDOR = netfilter $(eval $(autotools-package)) diff --git a/package/libnetfilter_queue/libnetfilter_queue.mk b/package/libnetfilter_queue/libnetfilter_queue.mk index 302f9a2575..5556969fde 100644 --- a/package/libnetfilter_queue/libnetfilter_queue.mk +++ b/package/libnetfilter_queue/libnetfilter_queue.mk @@ -12,5 +12,6 @@ LIBNETFILTER_QUEUE_DEPENDENCIES = host-pkgconf libnfnetlink libmnl LIBNETFILTER_QUEUE_AUTORECONF = YES LIBNETFILTER_QUEUE_LICENSE = GPL-2.0+ LIBNETFILTER_QUEUE_LICENSE_FILES = COPYING +LIBNETFILTER_QUEUE_CPE_ID_VENDOR = netfilter $(eval $(autotools-package)) diff --git a/package/libnfnetlink/libnfnetlink.mk b/package/libnfnetlink/libnfnetlink.mk index 13f5d72c87..a5ad47b85e 100644 --- a/package/libnfnetlink/libnfnetlink.mk +++ b/package/libnfnetlink/libnfnetlink.mk @@ -11,5 +11,6 @@ LIBNFNETLINK_AUTORECONF = YES LIBNFNETLINK_INSTALL_STAGING = YES LIBNFNETLINK_LICENSE = GPL-2.0 LIBNFNETLINK_LICENSE_FILES = COPYING +LIBNFNETLINK_CPE_ID_VENDOR = netfilter $(eval $(autotools-package)) diff --git a/package/libopenssl/Config.in b/package/libopenssl/Config.in index 881518d1cb..3aa5b88017 100644 --- a/package/libopenssl/Config.in +++ b/package/libopenssl/Config.in @@ -45,3 +45,14 @@ config BR2_PACKAGE_LIBOPENSSL_ENGINES Install additional encryption engine libraries. endif # BR2_PACKAGE_LIBOPENSSL +# See package/openssl/Config.in for the actual kconfig +# of this package. This file provides a URL for CPE use. + +# help +# A collaborative effort to develop a robust, commercial-grade, +# fully featured, and Open Source toolkit implementing the +# Secure Sockets Layer (SSL v2/v3) and Transport Security +# (TLS v1) as well as a full-strength general-purpose +# cryptography library. +# +# http://www.openssl.org/ diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk index a300458f85..bb4747f4c0 100644 --- a/package/libopenssl/libopenssl.mk +++ b/package/libopenssl/libopenssl.mk @@ -15,6 +15,8 @@ HOST_LIBOPENSSL_DEPENDENCIES = host-zlib LIBOPENSSL_TARGET_ARCH = $(call qstrip,$(BR2_PACKAGE_LIBOPENSSL_TARGET_ARCH)) LIBOPENSSL_CFLAGS = $(TARGET_CFLAGS) LIBOPENSSL_PROVIDES = openssl +LIBOPENSSL_CPE_ID_VENDOR = $(LIBOPENSSL_PROVIDES) +LIBOPENSSL_CPE_ID_NAME = $(LIBOPENSSL_PROVIDES) ifeq ($(BR2_m68k_cf),y) # relocation truncated to fit: R_68K_GOT16O diff --git a/package/libpcap/libpcap.mk b/package/libpcap/libpcap.mk index 881a109a0a..e323461529 100644 --- a/package/libpcap/libpcap.mk +++ b/package/libpcap/libpcap.mk @@ -8,6 +8,7 @@ LIBPCAP_VERSION = 1.9.1 LIBPCAP_SITE = http://www.tcpdump.org/release LIBPCAP_LICENSE = BSD-3-Clause LIBPCAP_LICENSE_FILES = LICENSE +LIBPCAP_CPE_ID_VENDOR = tcpdump LIBPCAP_INSTALL_STAGING = YES LIBPCAP_DEPENDENCIES = host-flex host-bison diff --git a/package/libselinux/libselinux.mk b/package/libselinux/libselinux.mk index d0e7b66241..bd728e6bc6 100644 --- a/package/libselinux/libselinux.mk +++ b/package/libselinux/libselinux.mk @@ -8,6 +8,7 @@ LIBSELINUX_VERSION = 3.0 LIBSELINUX_SITE = https://github.com/SELinuxProject/selinux/releases/download/20191204 LIBSELINUX_LICENSE = Public Domain LIBSELINUX_LICENSE_FILES = LICENSE +LIBSELINUX_CPE_ID_VENDOR = selinuxproject LIBSELINUX_DEPENDENCIES = $(BR2_COREUTILS_HOST_DEPENDENCY) libsepol pcre diff --git a/package/libsemanage/libsemanage.mk b/package/libsemanage/libsemanage.mk index deba5fafcd..34c9e604c5 100644 --- a/package/libsemanage/libsemanage.mk +++ b/package/libsemanage/libsemanage.mk @@ -9,6 +9,7 @@ LIBSEMANAGE_SITE = https://github.com/SELinuxProject/selinux/releases/download/2 LIBSEMANAGE_LICENSE = LGPL-2.1+ LIBSEMANAGE_LICENSE_FILES = COPYING LIBSEMANAGE_DEPENDENCIES = host-bison host-flex audit libselinux bzip2 +LIBSEMANAGE_CPE_ID_VENDOR = selinuxproject LIBSEMANAGE_INSTALL_STAGING = YES LIBSEMANAGE_MAKE_OPTS = $(TARGET_CONFIGURE_OPTS) diff --git a/package/libsepol/libsepol.mk b/package/libsepol/libsepol.mk index 2d64c53bc3..59ba710dfe 100644 --- a/package/libsepol/libsepol.mk +++ b/package/libsepol/libsepol.mk @@ -8,6 +8,7 @@ LIBSEPOL_VERSION = 3.0 LIBSEPOL_SITE = https://github.com/SELinuxProject/selinux/releases/download/20191204 LIBSEPOL_LICENSE = LGPL-2.1+ LIBSEPOL_LICENSE_FILES = COPYING +LIBSEPOL_CPE_ID_VENDOR = selinuxproject LIBSEPOL_INSTALL_STAGING = YES LIBSEPOL_DEPENDENCIES = host-flex diff --git a/package/libssh2/libssh2.mk b/package/libssh2/libssh2.mk index c03fe0db55..eb66ab5643 100644 --- a/package/libssh2/libssh2.mk +++ b/package/libssh2/libssh2.mk @@ -8,6 +8,7 @@ LIBSSH2_VERSION = 1.9.0 LIBSSH2_SITE = https://www.libssh2.org/download LIBSSH2_LICENSE = BSD LIBSSH2_LICENSE_FILES = COPYING +LIBSSH2_CPE_ID_VENDOR = $(LIBSSH2_NAME) LIBSSH2_INSTALL_STAGING = YES LIBSSH2_CONF_OPTS = --disable-examples-build diff --git a/package/libsysfs/libsysfs.mk b/package/libsysfs/libsysfs.mk index 13edc9a4ea..fd8bfa6724 100644 --- a/package/libsysfs/libsysfs.mk +++ b/package/libsysfs/libsysfs.mk @@ -10,5 +10,7 @@ LIBSYSFS_SOURCE = sysfsutils-$(LIBSYSFS_VERSION).tar.gz LIBSYSFS_INSTALL_STAGING = YES LIBSYSFS_LICENSE = GPL-2.0 (utilities), LGPL-2.1+ (library) LIBSYSFS_LICENSE_FILES = cmd/GPL lib/LGPL +LIBSYSFS_CPE_ID_VENDOR = sysfsutils_project +LIBSYSFS_CPE_ID_NAME = sysfsutils $(eval $(autotools-package)) diff --git a/package/libtasn1/libtasn1.mk b/package/libtasn1/libtasn1.mk index d5a6c69965..a354716824 100644 --- a/package/libtasn1/libtasn1.mk +++ b/package/libtasn1/libtasn1.mk @@ -9,6 +9,7 @@ LIBTASN1_SITE = $(BR2_GNU_MIRROR)/libtasn1 LIBTASN1_DEPENDENCIES = host-bison host-pkgconf LIBTASN1_LICENSE = GPL-3.0+ (tests, tools), LGPL-2.1+ (library) LIBTASN1_LICENSE_FILES = LICENSE doc/COPYING doc/COPYING.LESSER +LIBTASN1_CPE_ID_VENDOR = gnu LIBTASN1_INSTALL_STAGING = YES # We're patching fuzz/Makefile.am diff --git a/package/libunistring/libunistring.mk b/package/libunistring/libunistring.mk index fa51447170..1ed7ecf906 100644 --- a/package/libunistring/libunistring.mk +++ b/package/libunistring/libunistring.mk @@ -10,6 +10,7 @@ LIBUNISTRING_SOURCE = libunistring-$(LIBUNISTRING_VERSION).tar.xz LIBUNISTRING_INSTALL_STAGING = YES LIBUNISTRING_LICENSE = LGPL-3.0+ or GPL-2.0 LIBUNISTRING_LICENSE_FILES = COPYING COPYING.LIB +LIBUNISTRING_CPE_ID_VENDOR = gnu $(eval $(autotools-package)) $(eval $(host-autotools-package)) diff --git a/package/libxml2/libxml2.mk b/package/libxml2/libxml2.mk index ea6a8c1f6d..76872a0d2d 100644 --- a/package/libxml2/libxml2.mk +++ b/package/libxml2/libxml2.mk @@ -13,6 +13,7 @@ LIBXML2_LICENSE_FILES = COPYING LIBXML2_IGNORE_CVES += CVE-2020-7595 # 0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch LIBXML2_IGNORE_CVES += CVE-2019-20388 +LIBXML2_CPE_ID_VENDOR = xmlsoft LIBXML2_CONFIG_SCRIPTS = xml2-config # relocation truncated to fit: R_68K_GOT16O diff --git a/package/libxslt/libxslt.mk b/package/libxslt/libxslt.mk index 2f37f303ac..3c603ad9f6 100644 --- a/package/libxslt/libxslt.mk +++ b/package/libxslt/libxslt.mk @@ -9,6 +9,7 @@ LIBXSLT_SITE = http://xmlsoft.org/sources LIBXSLT_INSTALL_STAGING = YES LIBXSLT_LICENSE = MIT LIBXSLT_LICENSE_FILES = COPYING +LIBXSLT_CPE_ID_VENDOR = xmlsoft LIBXSLT_CONF_OPTS = \ --with-gnu-ld \ diff --git a/package/libzlib/libzlib.mk b/package/libzlib/libzlib.mk index eea0c12f22..a1e2640bac 100644 --- a/package/libzlib/libzlib.mk +++ b/package/libzlib/libzlib.mk @@ -11,6 +11,8 @@ LIBZLIB_LICENSE = Zlib LIBZLIB_LICENSE_FILES = README LIBZLIB_INSTALL_STAGING = YES LIBZLIB_PROVIDES = zlib +LIBZLIB_CPE_ID_VENDOR = gnu +LIBZLIB_CPE_ID_NAME = $(LIBZLIB_PROVIDES) # It is not possible to build only a shared version of zlib, so we build both # shared and static, unless we only want the static libs, and we eventually diff --git a/package/lighttpd/lighttpd.mk b/package/lighttpd/lighttpd.mk index 7181465c66..39600ef94b 100644 --- a/package/lighttpd/lighttpd.mk +++ b/package/lighttpd/lighttpd.mk @@ -10,6 +10,7 @@ LIGHTTPD_SOURCE = lighttpd-$(LIGHTTPD_VERSION).tar.xz LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-$(LIGHTTPD_VERSION_MAJOR).x LIGHTTPD_LICENSE = BSD-3-Clause LIGHTTPD_LICENSE_FILES = COPYING +LIGHTTPD_CPE_ID_VENDOR = $(LIGHTTPD_NAME) LIGHTTPD_DEPENDENCIES = host-pkgconf LIGHTTPD_CONF_OPTS = \ --without-wolfssl \ diff --git a/package/linux-firmware/linux-firmware.mk b/package/linux-firmware/linux-firmware.mk index cbad8d592a..632afd70bb 100644 --- a/package/linux-firmware/linux-firmware.mk +++ b/package/linux-firmware/linux-firmware.mk @@ -8,6 +8,8 @@ LINUX_FIRMWARE_VERSION = 20200122 LINUX_FIRMWARE_SITE = http://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git LINUX_FIRMWARE_SITE_METHOD = git +LINUX_FIRMWARE_CPE_ID_VENDOR = kernel + # Intel SST DSP ifeq ($(BR2_PACKAGE_LINUX_FIRMWARE_INTEL_SST_DSP),y) LINUX_FIRMWARE_FILES += intel/fw_sst_0f28.bin-48kHz_i2s_master diff --git a/package/linux-headers/linux-headers.mk b/package/linux-headers/linux-headers.mk index 4c3cb716b3..4496295f2a 100644 --- a/package/linux-headers/linux-headers.mk +++ b/package/linux-headers/linux-headers.mk @@ -102,6 +102,8 @@ LINUX_HEADERS_LICENSE_FILES = \ LICENSES/preferred/GPL-2.0 \ LICENSES/exceptions/Linux-syscall-note endif +LINUX_HEADERS_CPE_ID_VENDOR = linux +LINUX_HEADERS_CPE_ID_NAME = linux_kernel LINUX_HEADERS_INSTALL_STAGING = YES diff --git a/package/linux-pam/linux-pam.mk b/package/linux-pam/linux-pam.mk index 63610fcc57..28bb5b9de0 100644 --- a/package/linux-pam/linux-pam.mk +++ b/package/linux-pam/linux-pam.mk @@ -22,6 +22,8 @@ LINUX_PAM_AUTORECONF = YES LINUX_PAM_LICENSE = BSD-3-Clause LINUX_PAM_LICENSE_FILES = Copyright LINUX_PAM_MAKE_OPTS += LIBS=$(TARGET_NLS_LIBS) +LINUX_PAM_CPE_ID_VENDOR = $(LINUX_PAM_NAME) +LINUX_PAM_CPE_ID_NAME = $(LINUX_PAM_NAME) ifeq ($(BR2_PACKAGE_LIBSELINUX),y) LINUX_PAM_CONF_OPTS += --enable-selinux diff --git a/package/llvm/llvm.mk b/package/llvm/llvm.mk index 24d033d124..177fff71bb 100644 --- a/package/llvm/llvm.mk +++ b/package/llvm/llvm.mk @@ -10,6 +10,7 @@ LLVM_SITE = https://github.com/llvm/llvm-project/releases/download/llvmorg-$(LLV LLVM_SOURCE = llvm-$(LLVM_VERSION).src.tar.xz LLVM_LICENSE = Apache-2.0 with exceptions LLVM_LICENSE_FILES = LICENSE.TXT +LLVM_CPE_ID_VENDOR = $(LLVM_NAME) LLVM_SUPPORTS_IN_SOURCE_BUILD = NO LLVM_INSTALL_STAGING = YES diff --git a/package/lxc/lxc.mk b/package/lxc/lxc.mk index 53e3c85c6d..9788f04230 100644 --- a/package/lxc/lxc.mk +++ b/package/lxc/lxc.mk @@ -8,6 +8,7 @@ LXC_VERSION = 3.2.1 LXC_SITE = https://linuxcontainers.org/downloads/lxc LXC_LICENSE = LGPL-2.1+ LXC_LICENSE_FILES = COPYING +LXC_CPE_ID_VENDOR = linuxcontainers LXC_DEPENDENCIES = host-pkgconf LXC_INSTALL_STAGING = YES # We're patching configure.ac diff --git a/package/lz4/lz4.mk b/package/lz4/lz4.mk index 1d32666ccc..856d791d8a 100644 --- a/package/lz4/lz4.mk +++ b/package/lz4/lz4.mk @@ -9,6 +9,7 @@ LZ4_SITE = $(call github,lz4,lz4,v$(LZ4_VERSION)) LZ4_INSTALL_STAGING = YES LZ4_LICENSE = BSD-2-Clause (library), GPL-2.0+ (programs) LZ4_LICENSE_FILES = lib/LICENSE programs/COPYING +LZ4_CPE_ID_VENDOR = yann_collet # CVE-2014-4715 is misclassified (by our CVE tracker) as affecting version # 1.9.2, while in fact this issue has been fixed since lz4-r130: diff --git a/package/memtester/memtester.mk b/package/memtester/memtester.mk index 0e64d8cde2..ec821adbe8 100644 --- a/package/memtester/memtester.mk +++ b/package/memtester/memtester.mk @@ -8,6 +8,7 @@ MEMTESTER_VERSION = 4.3.0 MEMTESTER_SITE = http://pyropus.ca/software/memtester/old-versions MEMTESTER_LICENSE = GPL-2.0 MEMTESTER_LICENSE_FILES = COPYING +MEMTESTER_CPE_ID_VENDOR = pryopus MEMTESTER_TARGET_INSTALL_OPTS = INSTALLPATH=$(TARGET_DIR)/usr diff --git a/package/mii-diag/mii-diag.mk b/package/mii-diag/mii-diag.mk index 6efd5be80d..a7c6483221 100644 --- a/package/mii-diag/mii-diag.mk +++ b/package/mii-diag/mii-diag.mk @@ -10,6 +10,7 @@ MII_DIAG_PATCH = mii-diag_$(MII_DIAG_VERSION)-3.diff.gz MII_DIAG_SITE = http://snapshot.debian.org/archive/debian/20141023T043132Z/pool/main/m/mii-diag MII_DIAG_LICENSE = GPL # No version specified MII_DIAG_LICENSE_FILES = mii-diag.c +MII_DIAG_CPE_ID_VENDOR = debian MII_DIAG_MAKE_OPTS = $(TARGET_CONFIGURE_OPTS) diff --git a/package/mpfr/mpfr.mk b/package/mpfr/mpfr.mk index ef2999eb16..837aff3aa5 100644 --- a/package/mpfr/mpfr.mk +++ b/package/mpfr/mpfr.mk @@ -9,6 +9,7 @@ MPFR_SITE = http://www.mpfr.org/mpfr-$(MPFR_VERSION) MPFR_SOURCE = mpfr-$(MPFR_VERSION).tar.xz MPFR_LICENSE = LGPL-3.0+ MPFR_LICENSE_FILES = COPYING.LESSER +MPFR_CPE_ID_VENDOR = gnu MPFR_INSTALL_STAGING = YES MPFR_DEPENDENCIES = gmp HOST_MPFR_DEPENDENCIES = host-gmp diff --git a/package/mrouted/mrouted.mk b/package/mrouted/mrouted.mk index b9a4eaba45..6ee7fd5dfd 100644 --- a/package/mrouted/mrouted.mk +++ b/package/mrouted/mrouted.mk @@ -9,6 +9,7 @@ MROUTED_SITE = $(call github,troglobit,mrouted,$(MROUTED_VERSION)) MROUTED_DEPENDENCIES = host-bison MROUTED_LICENSE = BSD-3-Clause MROUTED_LICENSE_FILES = LICENSE +MROUTED_CPE_ID_VENDOR = troglobit define MROUTED_CONFIGURE_CMDS (cd $(@D); \ diff --git a/package/mtd/mtd.mk b/package/mtd/mtd.mk index 3477460200..035b624ab2 100644 --- a/package/mtd/mtd.mk +++ b/package/mtd/mtd.mk @@ -9,6 +9,8 @@ MTD_SOURCE = mtd-utils-$(MTD_VERSION).tar.bz2 MTD_SITE = ftp://ftp.infradead.org/pub/mtd-utils MTD_LICENSE = GPL-2.0 MTD_LICENSE_FILES = COPYING +MTD_CPE_ID_VENDOR = mtd-utils_project +MTD_CPE_ID_NAME = mtd-utils MTD_INSTALL_STAGING = YES ifeq ($(BR2_PACKAGE_MTD_JFFS_UTILS),y) diff --git a/package/ncurses/ncurses.mk b/package/ncurses/ncurses.mk index c11650c766..5c5e497488 100644 --- a/package/ncurses/ncurses.mk +++ b/package/ncurses/ncurses.mk @@ -10,6 +10,7 @@ NCURSES_INSTALL_STAGING = YES NCURSES_DEPENDENCIES = host-ncurses NCURSES_LICENSE = MIT with advertising clause NCURSES_LICENSE_FILES = COPYING +NCURSES_CPE_ID_VENDOR = gnu NCURSES_CONFIG_SCRIPTS = ncurses$(NCURSES_LIB_SUFFIX)6-config NCURSES_PATCH = \ $(addprefix https://invisible-mirror.net/archives/ncurses/$(NCURSES_VERSION)/, \ diff --git a/package/netsnmp/netsnmp.mk b/package/netsnmp/netsnmp.mk index 904279d1fb..09ca33f754 100644 --- a/package/netsnmp/netsnmp.mk +++ b/package/netsnmp/netsnmp.mk @@ -9,6 +9,8 @@ NETSNMP_SITE = https://downloads.sourceforge.net/project/net-snmp/net-snmp/$(NET NETSNMP_SOURCE = net-snmp-$(NETSNMP_VERSION).tar.gz NETSNMP_LICENSE = Various BSD-like NETSNMP_LICENSE_FILES = COPYING +NETSNMP_CPE_ID_VENDOR = net-snmp +NETSNMP_CPE_ID_NAME = $(NETSNMP_CPE_ID_VENDOR) NETSNMP_INSTALL_STAGING = YES NETSNMP_CONF_ENV = ac_cv_NETSNMP_CAN_USE_SYSCTL=no NETSNMP_CONF_OPTS = \ diff --git a/package/nfs-utils/nfs-utils.mk b/package/nfs-utils/nfs-utils.mk index 7af229a57e..57d05b5c6b 100644 --- a/package/nfs-utils/nfs-utils.mk +++ b/package/nfs-utils/nfs-utils.mk @@ -10,6 +10,8 @@ NFS_UTILS_SITE = https://www.kernel.org/pub/linux/utils/nfs-utils/$(NFS_UTILS_VE NFS_UTILS_LICENSE = GPL-2.0+ NFS_UTILS_LICENSE_FILES = COPYING NFS_UTILS_DEPENDENCIES = host-nfs-utils host-pkgconf libtirpc +NFS_UTILS_CPE_ID_VENDOR = linux-nfs +NFS_UTILS_AUTORECONF = YES NFS_UTILS_CONF_ENV = knfsd_cv_bsd_signals=no diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index d50572128a..8b531a7a3e 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -5,6 +5,8 @@ ################################################################################ OPENSSH_VERSION = 8.2p1 +OPENSSH_CPE_ID_VERSION = 8.2 +OPENSSH_CPE_ID_VERSION_MINOR = p1 OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable OPENSSH_LICENSE = BSD-3-Clause, BSD-2-Clause, Public Domain OPENSSH_LICENSE_FILES = LICENCE @@ -12,6 +14,7 @@ OPENSSH_CONF_ENV = \ LD="$(TARGET_CC)" \ LDFLAGS="$(TARGET_CFLAGS)" \ LIBS=`$(PKG_CONFIG_HOST_BINARY) --libs openssl` +OPENSSH_CPE_ID_VENDOR = openbsd OPENSSH_CONF_OPTS = \ --sysconfdir=/etc/ssh \ --with-default-path=$(BR2_SYSTEM_DEFAULT_PATH) \ diff --git a/package/pax-utils/pax-utils.mk b/package/pax-utils/pax-utils.mk index b31468eca2..a6618851ba 100644 --- a/package/pax-utils/pax-utils.mk +++ b/package/pax-utils/pax-utils.mk @@ -9,6 +9,7 @@ PAX_UTILS_SITE = http://distfiles.gentoo.org/distfiles PAX_UTILS_SOURCE = pax-utils-$(PAX_UTILS_VERSION).tar.xz PAX_UTILS_LICENSE = GPL-2.0 PAX_UTILS_LICENSE_FILES = COPYING +PAX_UTILS_CPE_ID_VENDOR = gentoo PAX_UTILS_DEPENDENCIES = host-pkgconf PAX_UTILS_CONF_OPTS = --without-python diff --git a/package/paxtest/paxtest.mk b/package/paxtest/paxtest.mk index e632e222c3..1b8d6699b6 100644 --- a/package/paxtest/paxtest.mk +++ b/package/paxtest/paxtest.mk @@ -8,6 +8,7 @@ PAXTEST_VERSION = 0.9.15 PAXTEST_SITE = https://www.grsecurity.net/~spender PAXTEST_LICENSE = GPL-2.0+ PAXTEST_LICENSE_FILES = README +PAXTEST_CPE_ID_VENDOR = grsecurity define PAXTEST_BUILD_CMDS $(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) \ diff --git a/package/pcre/pcre.mk b/package/pcre/pcre.mk index 3c280e593f..b37a2ca9b7 100644 --- a/package/pcre/pcre.mk +++ b/package/pcre/pcre.mk @@ -9,6 +9,7 @@ PCRE_SITE = https://ftp.pcre.org/pub/pcre PCRE_SOURCE = pcre-$(PCRE_VERSION).tar.bz2 PCRE_LICENSE = BSD-3-Clause PCRE_LICENSE_FILES = LICENCE +PCRE_CPE_ID_VENDOR = $(PCRE_NAME) PCRE_INSTALL_STAGING = YES PCRE_CONFIG_SCRIPTS = pcre-config diff --git a/package/pixman/pixman.mk b/package/pixman/pixman.mk index a446ebca46..52d4e36f2e 100644 --- a/package/pixman/pixman.mk +++ b/package/pixman/pixman.mk @@ -9,6 +9,7 @@ PIXMAN_SOURCE = pixman-$(PIXMAN_VERSION).tar.xz PIXMAN_SITE = https://xorg.freedesktop.org/releases/individual/lib PIXMAN_LICENSE = MIT PIXMAN_LICENSE_FILES = COPYING +PIXMAN_CPE_ID_VENDOR = $(PIXMAN_NAME) PIXMAN_INSTALL_STAGING = YES PIXMAN_DEPENDENCIES = host-pkgconf diff --git a/package/pkg-generic.mk b/package/pkg-generic.mk index f9385177ac..21e510365e 100644 --- a/package/pkg-generic.mk +++ b/package/pkg-generic.mk @@ -971,6 +971,41 @@ else $(2)_KCONFIG_VAR = BR2_PACKAGE_$(2) endif +$(2)_CPE_ID_VENDOR ?= $$($(2)_NAME)_project +$(2)_CPE_ID_NAME ?= $$($(2)_NAME) +$(2)_CPE_ID_VERSION ?= $$($(2)_VERSION) +$(2)_CPE_ID_VERSION_MINOR ?= * +$(2)_CPE_ID ?= $$($(2)_CPE_ID_VENDOR):$$($(2)_CPE_ID_NAME):$$($(2)_CPE_ID_VERSION):$$($(2)_CPE_ID_VERSION_MINOR) + +ifneq ($(filter linux linux-headers,$(1)),) +$(2)_CPE_PREFIX = $(CPE_PREFIX_OS) +else +$(2)_CPE_PREFIX = $(CPE_PREFIX_APP) +endif + +$(1)-cpe-info: PKG=$(2) +ifeq ($(BR2_TOOLCHAIN_EXTERNAL),y) +$(1)-cpe-info: toolchain +endif +$(1)-cpe-info: +ifeq ($$($(2)_TYPE),target) +ifneq ($$($(2)_NAME),toolchain-external) +ifneq ($(findstring TOOLCHAIN_EXTERNAL, $(2)),) +ifeq ($(BR2_TOOLCHAIN_EXTERNAL_GLIBC),y) + $$(eval $(2)_VERSION = $$(shell $$(call TOOLCHAIN_CPE_INFO))) + $$(eval $(2)_CPE_ID_VENDOR = gnu) + $$(eval $(2)_CPE_ID_NAME = glibc) + $$(eval $(2)_ACTUAL_SOURCE_SITE = https://github.com/bminor/glibc/releases) + $$(eval $(2)_RAWNAME = glibc) +endif # ifeq ($(BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC),y) +endif # ifneq ($(findstring TOOLCHAIN_EXTERNAL, $(2)),) +endif # ifneq ($$($(2)_NAME),toolchain-external) +ifneq ($$(call qstrip,$$($(2)_SOURCE)),) + @$$(call MESSAGE,"Collecting cpe info") + $(Q)$$(call cpe-manifest,$$($(2)_CPE_PREFIX):$$($(2)_CPE_ID):$(CPE_SUFFIX),$$($(2)_RAWNAME),$$($(2)_VERSION),$$($(2)_ACTUAL_SOURCE_SITE)) +endif # ifneq ($$(call qstrip,$$($(2)_SOURCE)),) +endif # ifeq ($$($(2)_TYPE),target) + # legal-info: declare dependencies and set values used later for the manifest ifneq ($$($(2)_LICENSE_FILES),) $(2)_MANIFEST_LICENSE_FILES = $$($(2)_LICENSE_FILES) @@ -1116,6 +1151,7 @@ DL_TOOLS_DEPENDENCIES += $$(call extractor-system-dependency,$$($(2)_SOURCE)) $(1)-clean-for-reconfigure \ $(1)-clean-for-reinstall \ $(1)-configure \ + $(1)-cpe-info \ $(1)-depends \ $(1)-dirclean \ $(1)-external-deps \ diff --git a/package/pkg-utils.mk b/package/pkg-utils.mk index d88a14ab0f..9818eda12d 100644 --- a/package/pkg-utils.mk +++ b/package/pkg-utils.mk @@ -223,3 +223,11 @@ legal-deps = \ $(filter-out $(if $(1:host-%=),host-%),\ $(call non-virtual-deps,\ $($(call UPPERCASE,$(1))_FINAL_RECURSIVE_DEPENDENCIES))),$(p) [$($(call UPPERCASE,$(p))_LICENSE)]) + +# +# cpe-info helper functions +# + +define cpe-manifest # cpe, pkg name, version, url + echo '"$(1)","$(2)","$(3)","$(4)"' >>$(CPE_MANIFEST_CSV) +endef diff --git a/package/policycoreutils/policycoreutils.mk b/package/policycoreutils/policycoreutils.mk index a06c7847ab..183c9b4925 100644 --- a/package/policycoreutils/policycoreutils.mk +++ b/package/policycoreutils/policycoreutils.mk @@ -8,6 +8,7 @@ POLICYCOREUTILS_VERSION = 3.0 POLICYCOREUTILS_SITE = https://github.com/SELinuxProject/selinux/releases/download/20191204 POLICYCOREUTILS_LICENSE = GPL-2.0 POLICYCOREUTILS_LICENSE_FILES = COPYING +POLICYCOREUTILS_CPE_ID_VENDOR = selinuxproject POLICYCOREUTILS_DEPENDENCIES = libsemanage libcap-ng $(TARGET_NLS_DEPENDENCIES) POLICYCOREUTILS_MAKE_OPTS = LDLIBS=$(TARGET_NLS_LIBS) diff --git a/package/pppd/pppd.mk b/package/pppd/pppd.mk index 685666a200..118f9fc334 100644 --- a/package/pppd/pppd.mk +++ b/package/pppd/pppd.mk @@ -10,6 +10,8 @@ PPPD_LICENSE = LGPL-2.0+, LGPL, BSD-4-Clause, BSD-3-Clause, GPL-2.0+ PPPD_LICENSE_FILES = \ pppd/tdb.c pppd/plugins/pppoatm/COPYING \ pppdump/bsd-comp.c pppd/ccp.c pppd/plugins/passprompt.c +PPPD_CPE_ID_VENDOR = samba +PPPD_CPE_ID_NAME = ppp # 0001-pppd-Fix-bounds-check.patch PPPD_IGNORE_CVES += CVE-2020-8597 diff --git a/package/proftpd/proftpd.mk b/package/proftpd/proftpd.mk index e126d0e0a4..94276233c8 100644 --- a/package/proftpd/proftpd.mk +++ b/package/proftpd/proftpd.mk @@ -8,6 +8,7 @@ PROFTPD_VERSION = 1.3.6c PROFTPD_SITE = $(call github,proftpd,proftpd,v$(PROFTPD_VERSION)) PROFTPD_LICENSE = GPL-2.0+ PROFTPD_LICENSE_FILES = COPYING +PROFTPD_CPE_ID_VENDOR = $(PROFTPD_NAME) PROFTPD_CONF_ENV = \ ac_cv_func_setpgrp_void=yes \ diff --git a/package/protobuf/protobuf.mk b/package/protobuf/protobuf.mk index 381649a4e7..27792ca082 100644 --- a/package/protobuf/protobuf.mk +++ b/package/protobuf/protobuf.mk @@ -12,6 +12,7 @@ PROTOBUF_SOURCE = protobuf-cpp-$(PROTOBUF_VERSION).tar.gz PROTOBUF_SITE = https://github.com/google/protobuf/releases/download/v$(PROTOBUF_VERSION) PROTOBUF_LICENSE = BSD-3-Clause PROTOBUF_LICENSE_FILES = LICENSE +PROTOBUF_CPE_ID_VENDOR = google # N.B. Need to use host protoc during cross compilation. PROTOBUF_DEPENDENCIES = host-protobuf diff --git a/package/pure-ftpd/pure-ftpd.mk b/package/pure-ftpd/pure-ftpd.mk index 7b7c7d9637..7e3d18b433 100644 --- a/package/pure-ftpd/pure-ftpd.mk +++ b/package/pure-ftpd/pure-ftpd.mk @@ -9,6 +9,7 @@ PURE_FTPD_SITE = https://download.pureftpd.org/pub/pure-ftpd/releases PURE_FTPD_SOURCE = pure-ftpd-$(PURE_FTPD_VERSION).tar.bz2 PURE_FTPD_LICENSE = ISC PURE_FTPD_LICENSE_FILES = COPYING +PURE_FTPD_CPE_ID_VENDOR = pureftpd PURE_FTPD_DEPENDENCIES = $(if $(BR2_PACKAGE_LIBICONV),libiconv) # 0001-listdir-reuse-a-single-buffer-to-store-every-file-name-to-display.patch diff --git a/package/python-lxml/python-lxml.mk b/package/python-lxml/python-lxml.mk index cfb87bb6fd..2659a0b982 100644 --- a/package/python-lxml/python-lxml.mk +++ b/package/python-lxml/python-lxml.mk @@ -15,6 +15,8 @@ PYTHON_LXML_LICENSE_FILES = \ doc/licenses/BSD.txt \ doc/licenses/elementtree.txt \ src/lxml/isoschematron/resources/rng/iso-schematron.rng +PYTHON_LXML_CPE_ID_VENDOR = lxml +PYTHON_LXML_CPE_ID_NAME = lxml # python-lxml can use either setuptools, or distutils as a fallback. # So, we use setuptools. diff --git a/package/python-setuptools/python-setuptools.mk b/package/python-setuptools/python-setuptools.mk index 2cb575ae22..ade5ca5521 100644 --- a/package/python-setuptools/python-setuptools.mk +++ b/package/python-setuptools/python-setuptools.mk @@ -11,6 +11,8 @@ PYTHON_SETUPTOOLS_SOURCE = setuptools-$(PYTHON_SETUPTOOLS_VERSION).zip PYTHON_SETUPTOOLS_SITE = https://files.pythonhosted.org/packages/b0/f3/44da7482ac6da3f36f68e253cb04de37365b3dba9036a3c70773b778b485 PYTHON_SETUPTOOLS_LICENSE = MIT PYTHON_SETUPTOOLS_LICENSE_FILES = LICENSE +PYTHON_SETUPTOOLS_CPE_ID_VENDOR = python +PYTHON_SETUPTOOLS_CPE_ID_NAME = setuptools PYTHON_SETUPTOOLS_SETUP_TYPE = setuptools HOST_PYTHON_SETUPTOOLS_NEEDS_HOST_PYTHON = python2 diff --git a/package/python/python.mk b/package/python/python.mk index ccaaadd012..2d4c5a3721 100644 --- a/package/python/python.mk +++ b/package/python/python.mk @@ -10,6 +10,7 @@ PYTHON_SOURCE = Python-$(PYTHON_VERSION).tar.xz PYTHON_SITE = https://python.org/ftp/python/$(PYTHON_VERSION) PYTHON_LICENSE = Python-2.0, others PYTHON_LICENSE_FILES = LICENSE +PYTHON_CPE_ID_VENDOR = $(PYTHON_NAME) PYTHON_LIBTOOL_PATCH = NO # Python needs itself to be built, so in order to cross-compile diff --git a/package/qemu/qemu.mk b/package/qemu/qemu.mk index 7fe64e3605..2efc09670e 100644 --- a/package/qemu/qemu.mk +++ b/package/qemu/qemu.mk @@ -12,6 +12,7 @@ QEMU_LICENSE_FILES = COPYING COPYING.LIB # NOTE: there is no top-level license file for non-(L)GPL licenses; # the non-(L)GPL license texts are specified in the affected # individual source files. +QEMU_CPE_ID_VENDOR = $(QEMU_NAME) #------------------------------------------------------------- # Target-qemu diff --git a/package/rapidjson/rapidjson.mk b/package/rapidjson/rapidjson.mk index 9f1c82ce40..d3bcef7df1 100644 --- a/package/rapidjson/rapidjson.mk +++ b/package/rapidjson/rapidjson.mk @@ -8,6 +8,7 @@ RAPIDJSON_VERSION = 1.1.0 RAPIDJSON_SITE = $(call github,miloyip,rapidjson,v$(RAPIDJSON_VERSION)) RAPIDJSON_LICENSE = MIT RAPIDJSON_LICENSE_FILES = license.txt +RAPIDJSON_CPE_ID_VENDOR = tencent # rapidjson is a header-only C++ library RAPIDJSON_INSTALL_TARGET = NO diff --git a/package/readline/readline.mk b/package/readline/readline.mk index f5d7d5bf9e..04872ac868 100644 --- a/package/readline/readline.mk +++ b/package/readline/readline.mk @@ -14,6 +14,7 @@ READLINE_CONF_ENV = bash_cv_func_sigsetjmp=yes \ READLINE_CONF_OPTS = --disable-install-examples READLINE_LICENSE = GPL-3.0+ READLINE_LICENSE_FILES = COPYING +READLINE_CPE_ID_VENDOR = gnu define READLINE_INSTALL_INPUTRC $(INSTALL) -D -m 644 package/readline/inputrc $(TARGET_DIR)/etc/inputrc diff --git a/package/refpolicy/refpolicy.mk b/package/refpolicy/refpolicy.mk index 1a5fefff06..891a0d29e6 100644 --- a/package/refpolicy/refpolicy.mk +++ b/package/refpolicy/refpolicy.mk @@ -9,6 +9,7 @@ REFPOLICY_SOURCE = refpolicy-$(REFPOLICY_VERSION).tar.bz2 REFPOLICY_SITE = https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_2_20190609 REFPOLICY_LICENSE = GPL-2.0 REFPOLICY_LICENSE_FILES = COPYING +REFPOLICY_CPE_ID_VENDOR = tresys REFPOLICY_INSTALL_STAGING = YES REFPOLICY_DEPENDENCIES = \ host-m4 \ diff --git a/package/rsyslog/rsyslog.mk b/package/rsyslog/rsyslog.mk index 27d482fdec..bd129f1724 100644 --- a/package/rsyslog/rsyslog.mk +++ b/package/rsyslog/rsyslog.mk @@ -8,6 +8,7 @@ RSYSLOG_VERSION = 8.2002.0 RSYSLOG_SITE = http://rsyslog.com/files/download/rsyslog RSYSLOG_LICENSE = GPL-3.0, LGPL-3.0, Apache-2.0 RSYSLOG_LICENSE_FILES = COPYING COPYING.LESSER COPYING.ASL20 +RSYSLOG_CPE_ID_VENDOR = $(RSYSLOG_NAME) RSYSLOG_DEPENDENCIES = zlib libestr liblogging libfastjson host-pkgconf RSYSLOG_CONF_ENV = ac_cv_prog_cc_c99='-std=c99' RSYSLOG_PLUGINS = imdiag imfile impstats imptcp \ diff --git a/package/rt-tests/rt-tests.mk b/package/rt-tests/rt-tests.mk index abc32f4fb2..acf219a6a5 100644 --- a/package/rt-tests/rt-tests.mk +++ b/package/rt-tests/rt-tests.mk @@ -9,6 +9,7 @@ RT_TESTS_SOURCE = rt-tests-$(RT_TESTS_VERSION).tar.xz RT_TESTS_VERSION = 1.6 RT_TESTS_LICENSE = GPL-2.0+ RT_TESTS_LICENSE_FILES = COPYING +RT_TESTS_CPE_ID_VENDOR = kernel ifeq ($(BR2_PACKAGE_PYTHON3),y) RT_TESTS_DEPENDENCIES = python3 diff --git a/package/sed/sed.mk b/package/sed/sed.mk index 6bb3220553..64fb2035b0 100644 --- a/package/sed/sed.mk +++ b/package/sed/sed.mk @@ -9,6 +9,7 @@ SED_SOURCE = sed-$(SED_VERSION).tar.xz SED_SITE = $(BR2_GNU_MIRROR)/sed SED_LICENSE = GPL-3.0 SED_LICENSE_FILES = COPYING +SED_CPE_ID_VENDOR = gnu SED_CONF_OPTS = \ --bindir=/bin \ diff --git a/package/setools/setools.mk b/package/setools/setools.mk index 63ca3651e8..7b1c1a4b64 100644 --- a/package/setools/setools.mk +++ b/package/setools/setools.mk @@ -10,6 +10,7 @@ SETOOLS_DEPENDENCIES = libselinux libsepol python-setuptools host-bison host-fle SETOOLS_INSTALL_STAGING = YES SETOOLS_LICENSE = GPL-2.0+, LGPL-2.1+ SETOOLS_LICENSE_FILES = COPYING COPYING.GPL COPYING.LGPL +SETOOLS_CPE_ID_VENDOR = selinuxproject SETOOLS_SETUP_TYPE = setuptools HOST_SETOOLS_DEPENDENCIES = host-libselinux host-libsepol host-python-networkx diff --git a/package/setserial/setserial.mk b/package/setserial/setserial.mk index 66ca59d79d..2e29e4c803 100644 --- a/package/setserial/setserial.mk +++ b/package/setserial/setserial.mk @@ -10,6 +10,7 @@ SETSERIAL_SOURCE = setserial_$(SETSERIAL_VERSION).orig.tar.gz SETSERIAL_SITE = http://snapshot.debian.org/archive/debian/20141023T043132Z/pool/main/s/setserial SETSERIAL_LICENSE = GPL-2.0 SETSERIAL_LICENSE_FILES = debian/copyright + # make all also builds setserial.cat which needs nroff SETSERIAL_MAKE_OPTS = setserial diff --git a/package/smcroute/smcroute.mk b/package/smcroute/smcroute.mk index 1a36c75d47..0db0e084f6 100644 --- a/package/smcroute/smcroute.mk +++ b/package/smcroute/smcroute.mk @@ -9,6 +9,7 @@ SMCROUTE_SOURCE = smcroute-$(SMCROUTE_VERSION).tar.xz SMCROUTE_SITE = https://github.com/troglobit/smcroute/releases/download/$(SMCROUTE_VERSION) SMCROUTE_LICENSE = GPL-2.0+ SMCROUTE_LICENSE_FILES = COPYING +SMCROUTE_CPE_ID_VENDOR = troglobit SMCROUTE_CONF_OPTS = ac_cv_func_setpgrp_void=yes #BUG:The package Makefile uses CC?= even though the package is autotools based diff --git a/package/spawn-fcgi/spawn-fcgi.mk b/package/spawn-fcgi/spawn-fcgi.mk index ed97d0a7b4..8caa1e2b3c 100644 --- a/package/spawn-fcgi/spawn-fcgi.mk +++ b/package/spawn-fcgi/spawn-fcgi.mk @@ -9,5 +9,6 @@ SPAWN_FCGI_SITE = http://www.lighttpd.net/download SPAWN_FCGI_SOURCE = spawn-fcgi-$(SPAWN_FCGI_VERSION).tar.bz2 SPAWN_FCGI_LICENSE = BSD-3-Clause SPAWN_FCGI_LICENSE_FILES = COPYING +SPAWN_FCGI_CPE_ID_VENDOR = lighttpd $(eval $(autotools-package)) diff --git a/package/sqlite/sqlite.mk b/package/sqlite/sqlite.mk index 3283d40cb1..a3061591b1 100644 --- a/package/sqlite/sqlite.mk +++ b/package/sqlite/sqlite.mk @@ -5,11 +5,13 @@ ################################################################################ SQLITE_VERSION = 3310100 +SQLITE_CPE_ID_VERSION = 3.31.1 SQLITE_SOURCE = sqlite-autoconf-$(SQLITE_VERSION).tar.gz SQLITE_SITE = https://www.sqlite.org/2020 SQLITE_LICENSE = Public domain SQLITE_LICENSE_FILES = tea/license.terms SQLITE_INSTALL_STAGING = YES +SQLITE_CPE_ID_VENDOR = $(SQLITE_NAME) ifeq ($(BR2_PACKAGE_SQLITE_STAT4),y) SQLITE_CFLAGS += -DSQLITE_ENABLE_STAT4 diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk index 7f1752ce57..1f7437fa31 100644 --- a/package/strongswan/strongswan.mk +++ b/package/strongswan/strongswan.mk @@ -12,6 +12,7 @@ STRONGSWAN_PATCH = \ $(STRONGSWAN_SITE)/patches/28_gmp_pkcs1_overflow_patch/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch STRONGSWAN_LICENSE = GPL-2.0+ STRONGSWAN_LICENSE_FILES = COPYING LICENSE +STRONGSWAN_CPE_ID_VENDOR = $(STRONGSWAN_NAME) STRONGSWAN_DEPENDENCIES = host-pkgconf STRONGSWAN_INSTALL_STAGING = YES STRONGSWAN_CONF_OPTS += \ diff --git a/package/tar/tar.mk b/package/tar/tar.mk index 9e0a40e561..643eff1cbc 100644 --- a/package/tar/tar.mk +++ b/package/tar/tar.mk @@ -12,6 +12,7 @@ TAR_SITE = $(BR2_GNU_MIRROR)/tar TAR_CONF_OPTS = --exec-prefix=/ TAR_LICENSE = GPL-3.0+ TAR_LICENSE_FILES = COPYING +TAR_CPE_ID_VENDOR = gnu ifeq ($(BR2_PACKAGE_ACL),y) TAR_DEPENDENCIES += acl diff --git a/package/tcl/tcl.mk b/package/tcl/tcl.mk index 6d750b3cd2..913891e897 100644 --- a/package/tcl/tcl.mk +++ b/package/tcl/tcl.mk @@ -10,6 +10,7 @@ TCL_SOURCE = tcl$(TCL_VERSION)-src.tar.gz TCL_SITE = http://downloads.sourceforge.net/project/tcl/Tcl/$(TCL_VERSION) TCL_LICENSE = TCL TCL_LICENSE_FILES = license.terms +TCL_CPE_ID_VENDOR = $(TCL_NAME) TCL_SUBDIR = unix TCL_INSTALL_STAGING = YES TCL_AUTORECONF = YES diff --git a/package/tcpdump/tcpdump.mk b/package/tcpdump/tcpdump.mk index 01a46b9b5f..9687e3c497 100644 --- a/package/tcpdump/tcpdump.mk +++ b/package/tcpdump/tcpdump.mk @@ -8,6 +8,7 @@ TCPDUMP_VERSION = 4.9.3 TCPDUMP_SITE = http://www.tcpdump.org/release TCPDUMP_LICENSE = BSD-3-Clause TCPDUMP_LICENSE_FILES = LICENSE +TCPDUMP_CPE_ID_VENDOR = $(TCPDUMP_NAME) TCPDUMP_CONF_ENV = \ ac_cv_linux_vers=2 \ td_cv_buggygetaddrinfo=no \ diff --git a/package/tftpd/tftpd.mk b/package/tftpd/tftpd.mk index 57905fda05..301a222e39 100644 --- a/package/tftpd/tftpd.mk +++ b/package/tftpd/tftpd.mk @@ -10,6 +10,8 @@ TFTPD_SITE = $(BR2_KERNEL_MIRROR)/software/network/tftp/tftp-hpa TFTPD_CONF_OPTS = --without-tcpwrappers TFTPD_LICENSE = BSD-4-Clause TFTPD_LICENSE_FILES = tftpd/tftpd.c +TFTPD_CPE_ID_VENDOR = $(TFTPD_NAME)-hpa_project +TFTPD_CPE_ID_NAME = $(TFTPD_NAME)-hpa define TFTPD_INSTALL_TARGET_CMDS $(INSTALL) -D $(@D)/tftp/tftp $(TARGET_DIR)/usr/bin/tftp diff --git a/package/uboot-tools/uboot-tools.mk b/package/uboot-tools/uboot-tools.mk index a06c25998f..61e22f6ae8 100644 --- a/package/uboot-tools/uboot-tools.mk +++ b/package/uboot-tools/uboot-tools.mk @@ -9,6 +9,8 @@ UBOOT_TOOLS_SOURCE = u-boot-$(UBOOT_TOOLS_VERSION).tar.bz2 UBOOT_TOOLS_SITE = ftp://ftp.denx.de/pub/u-boot UBOOT_TOOLS_LICENSE = GPL-2.0+ UBOOT_TOOLS_LICENSE_FILES = Licenses/gpl-2.0.txt +UBOOT_TOOLS_CPE_ID_VENDOR = denx +UBOOT_TOOLS_CPE_ID_NAME = u-boot UBOOT_TOOLS_INSTALL_STAGING = YES # u-boot 2020.01+ needs make 4.0+ diff --git a/package/util-linux/util-linux.mk b/package/util-linux/util-linux.mk index b6ccaaa78d..42343eaf45 100644 --- a/package/util-linux/util-linux.mk +++ b/package/util-linux/util-linux.mk @@ -21,6 +21,7 @@ UTIL_LINUX_LICENSE_FILES = README.licensing \ Documentation/licenses/COPYING.ISC \ Documentation/licenses/COPYING.LGPL-2.1-or-later +UTIL_LINUX_CPE_ID_VENDOR = kernel UTIL_LINUX_INSTALL_STAGING = YES UTIL_LINUX_DEPENDENCIES = host-pkgconf $(TARGET_NLS_DEPENDENCIES) UTIL_LINUX_CONF_OPTS += \ diff --git a/package/valgrind/valgrind.mk b/package/valgrind/valgrind.mk index 41b2625191..94230fd4b8 100644 --- a/package/valgrind/valgrind.mk +++ b/package/valgrind/valgrind.mk @@ -9,6 +9,7 @@ VALGRIND_SITE = ftp://sourceware.org/pub/valgrind VALGRIND_SOURCE = valgrind-$(VALGRIND_VERSION).tar.bz2 VALGRIND_LICENSE = GPL-2.0, GFDL-1.2 VALGRIND_LICENSE_FILES = COPYING COPYING.DOCS +VALGRIND_CPE_ID_VENDOR = $(VALGRIND_NAME) VALGRIND_CONF_OPTS = \ --disable-ubsan \ --without-mpicc diff --git a/package/vim/vim.mk b/package/vim/vim.mk index 1fbb6a6b86..2bd3d437e4 100644 --- a/package/vim/vim.mk +++ b/package/vim/vim.mk @@ -23,6 +23,7 @@ VIM_CONF_ENV = \ VIM_CONF_OPTS = --with-tlib=ncurses --enable-gui=no --without-x VIM_LICENSE = Charityware VIM_LICENSE_FILES = README.txt +VIM_CPE_ID_VENDOR = $(VIM_NAME) ifeq ($(BR2_PACKAGE_ACL),y) VIM_CONF_OPTS += --enable-acl diff --git a/package/wget/wget.mk b/package/wget/wget.mk index ed3f1fdff9..65c132e453 100644 --- a/package/wget/wget.mk +++ b/package/wget/wget.mk @@ -10,6 +10,7 @@ WGET_SITE = $(BR2_GNU_MIRROR)/wget WGET_DEPENDENCIES = host-pkgconf WGET_LICENSE = GPL-3.0+ WGET_LICENSE_FILES = COPYING +WGET_CPE_ID_VENDOR = gnu ifeq ($(BR2_PACKAGE_GNUTLS),y) WGET_CONF_OPTS += --with-ssl=gnutls diff --git a/package/wireless-regdb/wireless-regdb.mk b/package/wireless-regdb/wireless-regdb.mk index 31b62e36e1..f51aba75df 100644 --- a/package/wireless-regdb/wireless-regdb.mk +++ b/package/wireless-regdb/wireless-regdb.mk @@ -9,6 +9,7 @@ WIRELESS_REGDB_SOURCE = wireless-regdb-$(WIRELESS_REGDB_VERSION).tar.xz WIRELESS_REGDB_SITE = $(BR2_KERNEL_MIRROR)/software/network/wireless-regdb WIRELESS_REGDB_LICENSE = ISC WIRELESS_REGDB_LICENSE_FILES = LICENSE +WIRELESS_REGDB_CPE_ID_VENDOR = kernel ifeq ($(BR2_PACKAGE_CRDA),y) define WIRELESS_REGDB_INSTALL_CRDA_TARGET_CMDS diff --git a/package/wireless_tools/wireless_tools.mk b/package/wireless_tools/wireless_tools.mk index b87ab20fb2..01d03218d6 100644 --- a/package/wireless_tools/wireless_tools.mk +++ b/package/wireless_tools/wireless_tools.mk @@ -10,6 +10,8 @@ WIRELESS_TOOLS_SITE = https://hewlettpackard.github.io/wireless-tools WIRELESS_TOOLS_SOURCE = wireless_tools.$(WIRELESS_TOOLS_VERSION).tar.gz WIRELESS_TOOLS_LICENSE = GPL-2.0 WIRELESS_TOOLS_LICENSE_FILES = COPYING +WIRELESS_TOOLS_CPE_ID_VERSION = $(WIRELESS_TOOLS_VERSION_MAJOR) +WIRELESS_TOOLS_CPE_ID_VERSION_MINOR = pre9 WIRELESS_TOOLS_INSTALL_STAGING = YES WIRELESS_TOOLS_BUILD_TARGETS = iwmulticall diff --git a/package/wpa_supplicant/wpa_supplicant.mk b/package/wpa_supplicant/wpa_supplicant.mk index 8e7b9c3a65..93763c3973 100644 --- a/package/wpa_supplicant/wpa_supplicant.mk +++ b/package/wpa_supplicant/wpa_supplicant.mk @@ -8,6 +8,7 @@ WPA_SUPPLICANT_VERSION = 2.9 WPA_SUPPLICANT_SITE = http://w1.fi/releases WPA_SUPPLICANT_LICENSE = BSD-3-Clause WPA_SUPPLICANT_LICENSE_FILES = README +WPA_SUPPLICANT_CPE_ID_VENDOR = w1.fi WPA_SUPPLICANT_CONFIG = $(WPA_SUPPLICANT_DIR)/wpa_supplicant/.config WPA_SUPPLICANT_SUBDIR = wpa_supplicant WPA_SUPPLICANT_DBUS_OLD_SERVICE = fi.epitest.hostap.WPASupplicant diff --git a/package/xerces/xerces.mk b/package/xerces/xerces.mk index c75a8b0d35..d9dc3992ed 100644 --- a/package/xerces/xerces.mk +++ b/package/xerces/xerces.mk @@ -9,6 +9,8 @@ XERCES_SOURCE = xerces-c-$(XERCES_VERSION).tar.xz XERCES_SITE = http://archive.apache.org/dist/xerces/c/3/sources XERCES_LICENSE = Apache-2.0 XERCES_LICENSE_FILES = LICENSE +XERCES_CPE_ID_VENDOR = apache +XERCES_CPE_ID_NAME = $(XERCES_NAME)-c\+\+ XERCES_INSTALL_STAGING = YES define XERCES_DISABLE_SAMPLES diff --git a/package/xz/xz.mk b/package/xz/xz.mk index dbf874e9b9..5c464d91dd 100644 --- a/package/xz/xz.mk +++ b/package/xz/xz.mk @@ -11,6 +11,7 @@ XZ_INSTALL_STAGING = YES XZ_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99' XZ_LICENSE = Public Domain, GPL-2.0+, GPL-3.0+, LGPL-2.1+ XZ_LICENSE_FILES = COPYING COPYING.GPLv2 COPYING.GPLv3 COPYING.LGPLv2.1 +XZ_CPE_ID_VENDOR = tukaani ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y) XZ_CONF_OPTS = --enable-threads diff --git a/toolchain/toolchain-external/pkg-toolchain-external.mk b/toolchain/toolchain-external/pkg-toolchain-external.mk index 6d91cb5d1e..14065345d7 100644 --- a/toolchain/toolchain-external/pkg-toolchain-external.mk +++ b/toolchain/toolchain-external/pkg-toolchain-external.mk @@ -453,6 +453,13 @@ define TOOLCHAIN_EXTERNAL_INSTALL_SYSROOT_LIBS $(call copy_toolchain_sysroot,$${SYSROOT_DIR},$${ARCH_SYSROOT_DIR},$${ARCH_SUBDIR},$${ARCH_LIB_DIR},$${SUPPORT_LIB_DIR}) endef +define TOOLCHAIN_CPE_INFO + ARCH_SYSROOT_DIR="$(call toolchain_find_sysroot,$(TOOLCHAIN_EXTERNAL_CC) $(TOOLCHAIN_EXTERNAL_CFLAGS))" ; \ + MAJ=`awk '{ if ($$1 = /#define/ && ($$2= /__GLIBC__/)){printf $$3};}' $${ARCH_SYSROOT_DIR}/usr/include/features.h` ; \ + MIN=`awk '{ if ($$1 = /#define/ && ($$2 = /_GLIBC_MINOR/)){printf $$3};}' $${ARCH_SYSROOT_DIR}/usr/include/features.h` ; \ + echo $${MAJ}.$${MIN} +endef + # Create a symlink from (usr/)$(ARCH_LIB_DIR) to lib. # Note: the skeleton package additionally creates lib32->lib or lib64->lib # (as appropriate)