{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2025-11-27T15:22:11Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/document/package-libcups2","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/cups/package-libcups2/cups/UNIHASH/document/package-libcups2","https://rdf.openembedded.org/spdx/3.0/link-name":"08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08"}],"name":"package-libcups2","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2","creationInfo":"_:CreationInfo1","description":"The Common UNIX Printing System is a printing system and general replacement for lpd and the like. It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/package/libcups2"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:cups:2.4.15:*:*:*:*:*:*:*"}],"name":"libcups2","summary":"An Internet printing system for Unix","software_primaryPurpose":"install","software_homePage":"https://www.cups.org/","software_packageVersion":"2.4.15"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/package/libcups2/file/1"}],"name":"usr/lib/libcups.so.2","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"670966427e3fc11d49bfba6d83b2603e3d7c63f1b0613698de4f90fa18b43064"}]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/19dffe38a31ce3076fe5311761d76efa","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/relationship/19dffe38a31ce3076fe5311761d76efa"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/346e8f65cc75163a01a5c761156f7f9d","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/relationship/346e8f65cc75163a01a5c761156f7f9d"}],"from":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/license/3_27_0/Apache-2_0"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/727b176dc5b255b2b00aa980a84c5c4c","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/relationship/727b176dc5b255b2b00aa980a84c5c4c"}],"from":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2008-1033","http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2009-0032","http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2018-6553"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/8fc43b6c6c2e16687ddd6b02be3d91fe","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/relationship/8fc43b6c6c2e16687ddd6b02be3d91fe"}],"from":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2","relationshipType":"contains","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2/file/1"]},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/vex-not-affected/9e8c2778fddccabef42cc18e9e15d7a5","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/vex-not-affected/9e8c2778fddccabef42cc18e9e15d7a5"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2009-0032","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2"],"security_vexVersion":"1.0.0","security_impactStatement":"Issue affects pdfdistiller plugin used with but not part of cups"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/vex-not-affected/debcf8cf4b04dd397f34fefc529a4e35","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/vex-not-affected/debcf8cf4b04dd397f34fefc529a4e35"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2018-6553","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2"],"security_vexVersion":"1.0.0","security_impactStatement":"This is an Ubuntu only issue","security_justificationType":"vulnerableCodeNotPresent"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/vex-not-affected/ef2176c9e490229233e06c2f039f876f","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/08c17809aa898d203f84b6068ba323ff6675afcd837da3c7b4cf53d8ab550d08/cups/UNIHASH/vex-not-affected/ef2176c9e490229233e06c2f039f876f"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2008-1033","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcups2"],"security_vexVersion":"1.0.0","security_impactStatement":"Issue only applies to MacOS","security_justificationType":"vulnerableCodeNotPresent"}]}