{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2025-07-20T16:15:44Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/document/package-nativesdk-libpixman-1-0","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nativesdk-pixman/package-nativesdk-libpixman-1-0/nativesdk-pixman/UNIHASH/document/package-nativesdk-libpixman-1-0","https://rdf.openembedded.org/spdx/3.0/link-name":"02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9"}],"name":"package-nativesdk-libpixman-1-0","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0","creationInfo":"_:CreationInfo1","description":"Pixman provides a library for manipulating pixel regions -- a set of Y-X banded rectangles, image compositing using the Porter/Duff model and implicit mask generation for geometric primitives including trapezoids, triangles, and rectangles.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/package/nativesdk-libpixman-1-0"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:pixman:0.46.4:*:*:*:*:*:*:*"}],"name":"nativesdk-libpixman-1-0","summary":"Pixman: Pixel Manipulation library","software_primaryPurpose":"install","software_homePage":"http://www.pixman.org","software_packageVersion":"0.46.4"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/package/nativesdk-libpixman-1-0/file/1"}],"name":"usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-tdxsdk-linux/usr/lib/libpixman-1.so.0.46.4","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"e6596d0260fe9ceeb86da080403cb53e8649f785306f95f0b32ee94cc0016659"}]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/relationship/079b9d4f8b4ac747b010897ee750a586","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/relationship/079b9d4f8b4ac747b010897ee750a586"}],"from":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/2c969f242f20471a9b36c7f6316a0175ceaa0c4a479c4a4f6d4a18133c207efa/nativesdk-pixman/UNIHASH/vulnerability/CVE-2023-37769"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/relationship/33abceb4e72dda848e1935bce493eb42","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/relationship/33abceb4e72dda848e1935bce493eb42"}],"from":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/2c969f242f20471a9b36c7f6316a0175ceaa0c4a479c4a4f6d4a18133c207efa/nativesdk-pixman/UNIHASH/license/3_27_0/MIT_AND_LicenseRef-PD/cd3f19b3e49915bac1b40bf8c161725e"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/relationship/4d9c7b857e4485e7d1d931265aa9b5ad","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/relationship/4d9c7b857e4485e7d1d931265aa9b5ad"}],"from":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0/file/1"]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/relationship/652308bdd8099a20cc099a77ecdefa8f","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/relationship/652308bdd8099a20cc099a77ecdefa8f"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2c969f242f20471a9b36c7f6316a0175ceaa0c4a479c4a4f6d4a18133c207efa/nativesdk-pixman/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0"],"scope":"build"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/vex-not-affected/d4c59a90f7ee356b744209068125257a","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/02f8c2083ed40c28045765add4bc5330743715e3d45004f3a5d3a5f212d0b0c9/nativesdk-pixman/UNIHASH/vex-not-affected/d4c59a90f7ee356b744209068125257a"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2c969f242f20471a9b36c7f6316a0175ceaa0c4a479c4a4f6d4a18133c207efa/nativesdk-pixman/UNIHASH/vulnerability/CVE-2023-37769","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nativesdk-pixman-1247bdb8-df2b-5f76-9b32-42e0db591440/e6c366c5b5a1bb53dfecdda4cc005e0a4b33e24118fab632c272608cb580cd30/package/nativesdk-libpixman-1-0"],"security_vexVersion":"1.0.0","security_impactStatement":"stress-test is an uninstalled test","security_justificationType":"vulnerableCodeNotPresent"}]}