projects / feed / packages.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1ad8b17)
nginx: update CPE ID
authorRoman Azarenko <[email protected]>
Wed, 13 Aug 2025 11:28:33 +0000 (13:28 +0200)
committerJosef Schlehofer <[email protected]>
Thu, 11 Sep 2025 06:03:11 +0000 (08:03 +0200)
Looking at the official CPE dictionary [1], `cpe:/a:nginx:nginx` was
only used until 1.21.4 inclusively. Later it was renamed to
`cpe:/a:f5:nginx`, and it showed up in a few more non-contiguous
versions numbers after 1.21.4.

In all nginx security advisories [2] starting from year 2024, the CPE
ID used is `cpe:/a:f5:nginx_open_source`. This includes versions 1.25.0
and newer.

Update the CPE ID to the newest known value of `cpe:/a:f5:nginx_open_source`
used in nginx's own security advirosies/CVEs.

[1]: https://nvd.nist.gov/products/cpe
[2]: https://nginx.org/en/security_advisories.html

Signed-off-by: Roman Azarenko <[email protected]>
(cherry picked from commit 973a26fc6308816de542b5a55a590868b8014fdb)

net/nginx/Makefile patch | blob | history

diff --git a/net/nginx/Makefile b/net/nginx/Makefile
index efc3c0fef3d7f25b9d508fcb4bac704cc9cf8349..e93acd1b65ad2008ace958fcc85187e64f801f41 100644 (file)
--- a/net/nginx/Makefile
+++ b/net/nginx/Makefile
@@ -18,7 +18,7 @@ PKG_HASH:=f9187468ff2eb159260bfd53867c25ff8e334726237acf227b9e870e53d3e36b
 PKG_MAINTAINER:=Thomas Heil <[email protected]> \
                                Christian Marangi <[email protected]>
 PKG_LICENSE:=2-clause BSD-like license
-PKG_CPE_ID:=cpe:/a:nginx:nginx
+PKG_CPE_ID:=cpe:/a:f5:nginx_open_source
 
 PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
Mirror of packages feed