projects / feed / packages.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1924974)
nginx: update CPE ID
authorRoman Azarenko <[email protected]>
Wed, 13 Aug 2025 11:28:33 +0000 (13:28 +0200)
committerGeorge Sapkin <[email protected]>
Sat, 30 Aug 2025 21:23:21 +0000 (00:23 +0300)
Looking at the official CPE dictionary [1], `cpe:/a:nginx:nginx` was
only used until 1.21.4 inclusively. Later it was renamed to
`cpe:/a:f5:nginx`, and it showed up in a few more non-contiguous
versions numbers after 1.21.4.

In all nginx security advisories [2] starting from year 2024, the CPE
ID used is `cpe:/a:f5:nginx_open_source`. This includes versions 1.25.0
and newer.

Update the CPE ID to the newest known value of `cpe:/a:f5:nginx_open_source`
used in nginx's own security advirosies/CVEs.

[1]: https://nvd.nist.gov/products/cpe
[2]: https://nginx.org/en/security_advisories.html

Signed-off-by: Roman Azarenko <[email protected]>
net/nginx/Makefile patch | blob | history

diff --git a/net/nginx/Makefile b/net/nginx/Makefile
index 1bbbce853ddddb982c729f9322daef15b2abcb1a..cb1d51cf71b64c3d9d525e1c564fb4ae5a098ab8 100644 (file)
--- a/net/nginx/Makefile
+++ b/net/nginx/Makefile
@@ -18,7 +18,7 @@ PKG_HASH:=69ee2b237744036e61d24b836668aad3040dda461fe6f570f1787eab570c75aa
 PKG_MAINTAINER:=Thomas Heil <[email protected]> \
                                Christian Marangi <[email protected]>
 PKG_LICENSE:=2-clause BSD-like license
-PKG_CPE_ID:=cpe:/a:nginx:nginx
+PKG_CPE_ID:=cpe:/a:f5:nginx_open_source
 
 PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
Mirror of packages feed