Ross Burton 7cf0c30096 go: set vendor in CVE_PRODUCT ...

It's not uncommon for specific third party modules to use "go" as the
product[1]. However, the canonical CPE for the official Go
language/runtime is always golang:go[2], so use that explicitly.

[1] e.g. https://nvd.nist.gov/vuln/detail/CVE-2023-49292
[2] e.g. https://nvd.nist.gov/vuln/detail/CVE-2023-39320

(From OE-Core rev: fc3e9cce9e1a5aa5dc9a5ad4abdd4eb61f868d37)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2023-12-13 11:34:27 +00:00

..

go

go: update 1.20.7 -> 1.20.8

2023-10-12 07:53:40 +01:00

go_1.20.12.bb

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-1.20.12.inc

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-binary-native_1.20.12.bb

go: set vendor in CVE_PRODUCT

2023-12-13 11:34:27 +00:00

go-common.inc

go: set vendor in CVE_PRODUCT

2023-12-13 11:34:27 +00:00

go-cross_1.20.12.bb

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-cross-canadian_1.20.12.bb

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-cross-canadian.inc

go-cross-canadian.inc: drop PE, PR from /usr/src/debug paths

2023-11-20 15:30:52 +00:00

go-cross.inc

go: Remove three unnecessary paths from do_compile[dirs]

2022-03-15 08:40:09 +00:00

go-crosssdk_1.20.12.bb

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-crosssdk.inc

gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling

2023-05-02 10:24:50 +01:00

go-native_1.20.12.bb

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-runtime_1.20.12.bb

go: update 1.20.11 -> 1.20.12

2023-12-08 16:58:34 +00:00

go-runtime.inc

gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling

2023-05-02 10:24:50 +01:00

go-target.inc

gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling

2023-05-02 10:24:50 +01:00