esp-idf/components/newlib/sbom.yml

10 lines
463 B
YAML
Raw Normal View History

2023-10-11 05:25:59 -04:00
name: 'newlib'
version: '4.3.0'
cpe: cpe:2.3:a:newlib_project:newlib:{}:*:*:*:*:*:*:*
supplier: 'Organization: Espressif Systems (Shanghai) CO LTD'
originator: 'Organization: Red Hat Incorporated'
description: An open-source C standard library implementation with additional features and patches from Espressif.
cve-exclude-list:
- cve: CVE-2024-30949
reason: May affect RISCV binaries that are linked with libgloss. IDF does not link against this library.