| commit | c437354dda89d90de0635909b6d77868dffa6ea4 | [log] [tgz] |
|---|---|---|
| author | CPE Updater <[email protected]> | Thu Jul 24 23:40:16 2025 |
| committer | Copybara-Service <[email protected]> | Thu Jul 24 23:45:46 2025 |
| tree | 41cd5db8c88f86d20aeebf28926d51fad8f359fc | |
| parent | 1ef9d629d54be6723616c3b8c98ed0b3964ce3d0 [diff] |
[cpesuggest] Add CPE prefix for third_party/boringssl/README.chromium. To verify the correctness of the suggested CPE Prefix, please follow the steps below: 1. Visit the National Vulnerability Database (NVD) page for the suggested CPE Prefix here: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.2&keyword=cpe:/a:google:boringssl&status=FINAL%2CDEPRECATED 2. Check whether the third-party dependency for which the CPE Prefix is suggested matches the project listed in the NVD page. 3. If the open source project matches and the CPE prefix is not deprecated, please Code-Review+1 and submit if you have enough votes. 4. If the open source project does not match or if the CPE prefix is deprecated, please add the incorrect suggestion to go/ignored_cpes_textproto and add the reason why the suggestion is incorrect. Adding CPE prefixes to a README.chromium file is recommended practice [1] to enable automated vulnerability monitoring. For more information on how CPE prefixes are used see the Chromium Third Party docs [2]. [1] https://chromium.googlesource.com/chromium/src/+/HEAD/third_party/README.chromium.template [2] https://chromium.googlesource.com/chromium/src/+/HEAD/docs/adding_to_third_party.md#add-a-readme_chromium Bug: b/290294330 Change-Id: I93d8751248727757a033639fa28f6ad3333e7f66 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6782942 Auto-Submit: CPE Updater <[email protected]> Reviewed-by: Elly FJ <[email protected]> Commit-Queue: Joey Scarr <[email protected]> Reviewed-by: Joey Scarr <[email protected]> Cr-Commit-Position: refs/heads/main@{#1491735} NOKEYCHECK=True GitOrigin-RevId: e79a1c3122465ee7881e8a91d738afd4f00cf6c6