Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
11.8
-
None
-
Notable changes
-
SBOM contained invalid supplier name for libmariadb or libmarias3
Description
On a build with system SSL:
|
11.8 ac8b7757a53bafa9d58ee676675449b6ae3ea5d5 |
{
|
"bom-ref": "mariadb-connector-c-7bb4e6c",
|
"type": "library",
|
"name": "mariadb-connector-c",
|
"version": "7bb4e6c",
|
"purl": "pkg:github/mariadb/mariadb-connector-c@7bb4e6c",
|
"supplier": {
|
"name": ""
|
},
|
"licenses": [
|
{
|
"license": {
|
"id": "LGPL-2.1"
|
}
|
}
|
],
|
"copyright": "NOASSERTION"
|
},
|
{
|
"bom-ref": "libmarias3-0d5babb",
|
"type": "library",
|
"name": "libmarias3",
|
"version": "0d5babb",
|
"purl": "pkg:github/mariadb-corporation/libmarias3@0d5babb",
|
"supplier": {
|
"name": ""
|
},
|
"licenses": [
|
{
|
"license": {
|
"id": "LGPL-2.1"
|
}
|
}
|
],
|
"copyright": "NOASSERTION"
|
},
|
On a build with bundled SSL:
{
|
"bom-ref": "mariadb-connector-c-7bb4e6cd",
|
"type": "library",
|
"name": "mariadb-connector-c",
|
"version": "7bb4e6cd",
|
"purl": "pkg:github/mariadb/mariadb-connector-c@7bb4e6cd",
|
"supplier": {
|
"name": "Wolfssl"
|
},
|
"licenses": [
|
{
|
"license": {
|
"id": "LGPL-2.1"
|
}
|
}
|
],
|
"copyright": "NOASSERTION"
|
},
|
{
|
"bom-ref": "libmarias3-0d5babb",
|
"type": "library",
|
"name": "libmarias3",
|
"version": "0d5babb",
|
"purl": "pkg:github/mariadb-corporation/libmarias3@0d5babb",
|
"supplier": {
|
"name": "Wolfssl"
|
},
|
"licenses": [
|
{
|
"license": {
|
"id": "LGPL-2.1"
|
}
|
}
|
],
|
"copyright": "NOASSERTION"
|
},
|
The problem started happening after this commit in 11.8.2:
commit 59ad3225ae16b5672f10f30841ef414a8cb0d42c
|
Author: Vladislav Vaintroub
|
Date: Thu Feb 13 17:27:11 2025 +0100
|
 |
MDEV-34979 postfix
|
specifically this part of the commit:
@@ -101,10 +104,9 @@ FUNCTION (sbom_get_supplier repo_name repo_user varname)
|
SET(${varname} "MariaDB" PARENT_SCOPE)
|
ELSEIF (repo_name MATCHES "boost")
|
SET(${varname} "Boost.org" PARENT_SCOPE)
|
+ ELSEIF(repo_user MATCHES "mariadb-corporation|mariadb")
|
+ SET(${varname} "MariaDB")
|
ELSE()
|
- IF(repo_user MATCHES "mariadb-corporation|mariadb")
|
- set(repo_user "MariaDB")
|
- ENDIF()
|
# Capitalize just first letter in repo_user
|
STRING(SUBSTRING "${repo_user}" 0 1 first_letter)
|
STRING(SUBSTRING "${repo_user}" 1 -1 rest)
|
12.3 and higher are probably also affected, I didn't check.
Attachments
Issue Links
- is caused by
-
MDEV-34979 generate SBOM from server builds
-
- Closed
-