Bug 197543 - [patch] www/lynx: add CPE information
Summary: [patch] www/lynx: add CPE information
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Bartek Rutkowski
Depends on:
Reported: 2015-02-11 19:47 UTC by shun
Modified: 2015-03-17 12:00 UTC (History)
2 users (show)

See Also:
jharris: maintainer-feedback+

Makefile with CPE information added (269 bytes, patch)
2015-02-11 19:47 UTC, shun
no flags Details | Diff
corrected patch (686 bytes, patch)
2015-02-18 14:17 UTC, jharris
jharris: maintainer-approval-
Details | Diff
correctly corrected patch (720 bytes, patch)
2015-02-18 14:46 UTC, jharris
jharris: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description shun 2015-02-11 19:47:46 UTC
Created attachment 152874 [details]
Makefile with CPE information added

www/lynx has had vulnerabilities with a CPE identifier assigned[0]. This patch adds CPE information as suggested on the FreeBSD wiki[1].

[0] http://www.vuxml.org/freebsd/c01170bf-4990-11da-a1b8-000854d03344.html
[1] https://wiki.freebsd.org/Ports/CPE
Comment 1 Bugzilla Automation freebsd_committer 2015-02-11 19:47:46 UTC
Maintainer CC'd
Comment 2 jharris 2015-02-18 14:17:33 UTC
Created attachment 153147 [details]
corrected patch

Thanks, but do note that the UPDATE field needs to follow the pattern already in use:


e.g., "cpe:2.3:a:lynx:lynx:2.8.8:dev.4:*:*:*:*:*:*" hence "dev.4", or in the port currently, "rel.2", which the updated patch corrects.
Comment 3 jharris 2015-02-18 14:46:10 UTC
Created attachment 153148 [details]
correctly corrected patch

OK, now the patch correctly drops our artificial ".2", shortening "" to "2.8.8":

  %make -V CPE_STR

Also, note that I don't agree with portlint(1):  the CPE_* variables, when manually set, should be as close as possible to the PORTNAME and PORTVERSION which they supersede and/or the DISTNAME from which they're derived.
Comment 4 commit-hook freebsd_committer 2015-03-17 12:00:16 UTC
A commit references this bug:

Author: robak
Date: Tue Mar 17 11:59:49 UTC 2015
New revision: 381488
URL: https://svnweb.freebsd.org/changeset/ports/381488

  www/lynx: add CPE information

  PR:		197543
  Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
  Reviewed by:	Jason Harris <jharris@widomaker.com>

Comment 5 Bartek Rutkowski freebsd_committer 2015-03-17 12:00:51 UTC
Committed, thanks for your work guys!