Bug 198239

Summary: editors/emacs-devel: add CPE information
Product: Ports & Packages Reporter: shun <shun.fbsd.pr>
Component: Individual Port(s)Assignee: Ashish SHUKLA <ashish>
Status: Closed FIXED    
Severity: Affects Only Me Flags: bugzilla: maintainer-feedback? (ashish)
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Makefile with CPE information added none

Description shun 2015-03-03 18:05:21 UTC 
Created attachment 153724 [details]
Makefile with CPE information added

editors/emacs-devel has had vulnerabilities with a CPE identifier assigned (e.g. CVE-2008-2142). This patch add CPE information as suggested in the FreeBSD wiki[0].

[0] https://wiki.freebsd.org/Ports/CPE
Comment 1 Ashish SHUKLA freebsd_committer freebsd_triage 2015-03-09 09:16:47 UTC 
(In reply to shun from comment #0)

Hi,

Thanks for the diff. I'm working on an emacs-devel port update, and I'll include these changes with it.

Also, adding explicit CPE_VERSION, since by default CPE_VERSION is set to PORTVERSION, which results in following value of CPE_STR:

cpe:2.3:a:gnu:emacs:25.0.50.20150206.5c9ad35f:::::freebsd10:x64

After the change:

+CPE_VERSION=   ${EMACS_VER}

value of CPE_STR results in:

cpe:2.3:a:gnu:emacs:25.0.50:::::freebsd10:x64

Does this make sense, or should I remove this CPE_VERSION change?

Thanks
Ashish
Comment 2 shun 2015-03-09 09:42:24 UTC 
(In reply to Ashish SHUKLA from comment #1)

> After the change:
>
> +CPE_VERSION=   ${EMACS_VER}

Yes, that is correct. I did not pay full attention testing the patch. Thank you for catching it.

shun
Comment 3 Ashish SHUKLA freebsd_committer freebsd_triage 2015-03-23 14:17:19 UTC 
Committed in r381999[1].

Thanks!

[1] https://svnweb.freebsd.org/ports?view=revision&revision=381999