{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2024-01-22T18:32:37Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/document/package-nativesdk-libz-staticdev","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nativesdk-zlib/package-nativesdk-libz-staticdev/nativesdk-zlib/UNIHASH/document/package-nativesdk-libz-staticdev","https://rdf.openembedded.org/spdx/3.0/link-name":"a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e"}],"name":"package-nativesdk-libz-staticdev","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev","creationInfo":"_:CreationInfo1","description":"Zlib is a general-purpose, patent-free, lossless data compression library which is used by many different programs.  This package contains static libraries for software development.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/package/nativesdk-libz-staticdev"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:zlib:zlib:1.3.1:*:*:*:*:*:*:*"},{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:gnu:zlib:1.3.1:*:*:*:*:*:*:*"}],"name":"nativesdk-libz-staticdev","summary":"Zlib Compression Library - Development files (Static Libraries)","software_primaryPurpose":"install","software_homePage":"http://zlib.net/","software_packageVersion":"1.3.1"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/package/nativesdk-libz-staticdev/file/1"}],"name":"usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-tdxsdk-linux/usr/lib/libz.a","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"9d970860e4292bcc95df1b400f3a33489f6255e0a9ad2bf338a0d776947859f2"}]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/relationship/20f70796ca7333f3f2532103614fc5cf","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/relationship/20f70796ca7333f3f2532103614fc5cf"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/880f6fb0cfe241d0edc29c447fa6f730da4934248fbffacd6c61ec8003b6fe10/nativesdk-zlib/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/relationship/26ae7f1bbbc9fa1788656538f5834d01","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/relationship/26ae7f1bbbc9fa1788656538f5834d01"}],"from":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/880f6fb0cfe241d0edc29c447fa6f730da4934248fbffacd6c61ec8003b6fe10/nativesdk-zlib/UNIHASH/vulnerability/CVE-2026-22184","http://spdxdocs.org/openembedded-alias/by-doc-hash/880f6fb0cfe241d0edc29c447fa6f730da4934248fbffacd6c61ec8003b6fe10/nativesdk-zlib/UNIHASH/vulnerability/CVE-2026-27171"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/relationship/f6d65f78d5b7377f8638d8b9545f18f3","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/relationship/f6d65f78d5b7377f8638d8b9545f18f3"}],"from":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/880f6fb0cfe241d0edc29c447fa6f730da4934248fbffacd6c61ec8003b6fe10/nativesdk-zlib/UNIHASH/license/3_27_0/Zlib"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/relationship/fa9f8d58e6fbc0dded975b9bdd89fc11","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/relationship/fa9f8d58e6fbc0dded975b9bdd89fc11"}],"from":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev/file/1"]},{"type":"security_VexFixedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/vex-fixed/00674441090e825aa1db38475f1bad73","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/vex-fixed/00674441090e825aa1db38475f1bad73"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/880f6fb0cfe241d0edc29c447fa6f730da4934248fbffacd6c61ec8003b6fe10/nativesdk-zlib/UNIHASH/vulnerability/CVE-2026-27171","relationshipType":"fixedIn","to":["http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev"],"security_vexVersion":"1.0.0"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/vex-not-affected/c0b0d56c59e2701a216e02cda6975e21","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/a8c296a91f6a25acab892e1a96ef32472c9f9930f29f1c4ce697360a8931283e/nativesdk-zlib/UNIHASH/vex-not-affected/c0b0d56c59e2701a216e02cda6975e21"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/880f6fb0cfe241d0edc29c447fa6f730da4934248fbffacd6c61ec8003b6fe10/nativesdk-zlib/UNIHASH/vulnerability/CVE-2026-22184","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nativesdk-zlib-c58c8d12-e740-55ae-904b-7f5c10f62a93/502794d139458e2b583f1bba0ce5de4169252353e2d5fd1c1aac081d227f6b06/package/nativesdk-libz-staticdev"],"security_vexVersion":"1.0.0","security_impactStatement":"vulnerable file is not compiled","security_justificationType":"vulnerableCodeNotPresent"}]}