The metadata.xml for media-libs/giflib is missing the CPE string. Here is a patch to add it: diff --git a/media-libs/giflib/metadata.xml b/media-libs/giflib/metadata.xml index 5eb82c87a..a2b1e1d74 100644 --- a/media-libs/giflib/metadata.xml +++ b/media-libs/giflib/metadata.xml @@ -7,5 +7,6 @@ </maintainer> <upstream> <remote-id type="sourceforge">giflib</remote-id> + <remote-id type="cpe">cpe:/a:giflib_project:giflib</remote-id> </upstream> </pkgmetadata> Reproducible: Always
FWIW, these would be handled quicker if you make a pull request that a Gentoo dev can apply with one command.
(In reply to Matt Turner from comment #1) > FWIW, these would be handled quicker if you make a pull request that a > Gentoo dev can apply with one command. https://github.com/gentoo/gentoo/pull/33208
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=30e69fdc79d6ecbb5c840f1c87087681b7a7314f commit 30e69fdc79d6ecbb5c840f1c87087681b7a7314f Author: Allen Webb <allenwebb@google.com> AuthorDate: 2023-10-05 19:27:43 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2023-10-07 03:47:26 +0000 media-libs/giflib: Add CPE string to metadata.xml Add a CPE string for easier CVE tracking. Closes: https://bugs.gentoo.org/915135 Closes: https://github.com/gentoo/gentoo/pull/33208 Signed-off-by: Allen Webb <allenwebb@google.com> Signed-off-by: Matt Turner <mattst88@gentoo.org> media-libs/giflib/metadata.xml | 1 + 1 file changed, 1 insertion(+)