{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2017-05-06T20:38:22Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/document/package-nativesdk-flex-locale-tr","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nativesdk-flex/package-nativesdk-flex-locale-tr/nativesdk-flex/UNIHASH/document/package-nativesdk-flex-locale-tr","https://rdf.openembedded.org/spdx/3.0/link-name":"a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1"}],"name":"package-nativesdk-flex-locale-tr","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr","creationInfo":"_:CreationInfo1","description":"Flex is a fast lexical analyser generator.  Flex is a tool for generating programs that recognize lexical patterns in text.  This package contains language translation files for the tr locale.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/package/nativesdk-flex-locale-tr"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:flex_project:flex:2.6.4:*:*:*:*:*:*:*"},{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:westes:flex:2.6.4:*:*:*:*:*:*:*"}],"name":"nativesdk-flex-locale-tr","summary":"Flex (The Fast Lexical Analyzer) - tr translations","software_primaryPurpose":"install","software_homePage":"http://sourceforge.net/projects/flex/","software_packageVersion":"2.6.4"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/package/nativesdk-flex-locale-tr/file/1"}],"name":"usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-tdxsdk-linux/usr/share/locale/tr/LC_MESSAGES/flex.mo","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"97a76e381d68cfdebce49037ae8f6a36310d950a2233d4464b7f555b2df33d8b"}]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/relationship/4ec59c57c81ea359682a78bb08fdd60d","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/relationship/4ec59c57c81ea359682a78bb08fdd60d"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/23862a05cfe35f8c5b9edcde748acc3ee6e8c48ccf38a26a07c2d1278de3b874/nativesdk-flex/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/relationship/502b8de8cb734bcbdcbe5e7f41f98cc7","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/relationship/502b8de8cb734bcbdcbe5e7f41f98cc7"}],"from":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr/file/1"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/relationship/a215c77866d13795c9d0e04f11fd6330","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/relationship/a215c77866d13795c9d0e04f11fd6330"}],"from":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/23862a05cfe35f8c5b9edcde748acc3ee6e8c48ccf38a26a07c2d1278de3b874/nativesdk-flex/UNIHASH/license/3_27_0/BSD-3-Clause_AND_LGPL-2_0-or-later"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/relationship/a734a762897681d5a9ffb261291f000d","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/relationship/a734a762897681d5a9ffb261291f000d"}],"from":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/23862a05cfe35f8c5b9edcde748acc3ee6e8c48ccf38a26a07c2d1278de3b874/nativesdk-flex/UNIHASH/vulnerability/CVE-2019-6293"]},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/vex-not-affected/d37df38ce851b75a10920395851eb459","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a49a38426222ebbd4a42e6b56522b0d5d8e1f5b9b46fb621b4bfcdd3924a8ad1/nativesdk-flex/UNIHASH/vex-not-affected/d37df38ce851b75a10920395851eb459"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/23862a05cfe35f8c5b9edcde748acc3ee6e8c48ccf38a26a07c2d1278de3b874/nativesdk-flex/UNIHASH/vulnerability/CVE-2019-6293","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nativesdk-flex-ef3ea72a-cd9e-5b11-90f2-2c73ba049aac/941970908c0209655cd3a887339d9b2961f51a2f0c6c29a8a0ffc57a96eb53e7/package/nativesdk-flex-locale-tr"],"security_vexVersion":"1.0.0","security_impactStatement":"there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address this."}]}