cpe:/a:beep_project:beep is the correct CPE ID for beep:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:beep_project:beep
Indeed, spkr-beep is a fork of https://github.com/johnath/beep as
clearly stated in README.md: "This version of beep has been forked from
Johnathan Nightingales' original beep when johnath/beep#11 required
fixes in 2018, while Johnathan Nightingales' github.com/johnath/beep/
and johnath.com/beep/ was only maintained from around 2000 until around
2013.
So, it is still appropriate to use beep_project:beep CPE ID since the
code base remains the same and no new CPE has been assigned to the fork
(as there have been no new CVEs since 2018).
Signed-off-by: Fabrice Fontaine <redacted>
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:beep_project:beep
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/spkr-beep/beep/tar.gz/v$(PKG_VERSION)?
git.99rst.org / openwrt-packages.git / commitdiff