{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2025-06-24T20:32:27Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/document/package-nativesdk-shadow-dev","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nativesdk-shadow/package-nativesdk-shadow-dev/nativesdk-shadow/UNIHASH/document/package-nativesdk-shadow-dev","https://rdf.openembedded.org/spdx/3.0/link-name":"d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c"}],"name":"package-nativesdk-shadow-dev","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev","creationInfo":"_:CreationInfo0","description":"Tools to change and administer password and group data  This package contains symbolic links, header files, and related items necessary for software development.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/package/nativesdk-shadow-dev"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:shadow:4.18.0:*:*:*:*:*:*:*"}],"name":"nativesdk-shadow-dev","summary":"Tools to change and administer password and group data - Development files","software_primaryPurpose":"install","software_homePage":"http://github.com/shadow-maint/shadow","software_packageVersion":"4.18.0"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev/file/1","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/package/nativesdk-shadow-dev/file/1"}],"name":"usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-tdxsdk-linux/usr/include/shadow/subid.h","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"ac4d4f100248c45ac7ac639e2dc54da3b10455b9bd43ed6cc33e5c0e4fb975b4"}]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/relationship/1da41f0b42331e5bac40eb7c2dd8a920","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/relationship/1da41f0b42331e5bac40eb7c2dd8a920"}],"from":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/b7ec5b98784e237f78cfcbd514d2e5a657b6383b4ab074e8168a94956bff02f9/nativesdk-shadow/UNIHASH/vulnerability/CVE-2013-4235"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/relationship/2cc1a67a64916bf2db282dd2a6419927","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/relationship/2cc1a67a64916bf2db282dd2a6419927"}],"from":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/b7ec5b98784e237f78cfcbd514d2e5a657b6383b4ab074e8168a94956bff02f9/nativesdk-shadow/UNIHASH/license/3_27_0/BSD-3-Clause"]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/relationship/8b895b97891b0646b1b998034659003a","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/relationship/8b895b97891b0646b1b998034659003a"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/b7ec5b98784e237f78cfcbd514d2e5a657b6383b4ab074e8168a94956bff02f9/nativesdk-shadow/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/relationship/c719418952c7ed0a0f8292c7734e5704","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/relationship/c719418952c7ed0a0f8292c7734e5704"}],"from":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev/file/1"]},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/vex-not-affected/88985889253ab495b6ff3f901f7fc696","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/vex-not-affected/88985889253ab495b6ff3f901f7fc696"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/b7ec5b98784e237f78cfcbd514d2e5a657b6383b4ab074e8168a94956bff02f9/nativesdk-shadow/UNIHASH/vulnerability/CVE-2013-4235","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev"],"security_vexVersion":"1.0.0","security_impactStatement":"Severity is low and marked as closed and won't fix."},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/20e1c65b2ba5dfd1467517ecc7ff5a72bb6d95decdedb0dfcf8f22358ada2ed1/relationship/8ab3e801221fa245fa57c6a728dc615f","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/d2d535af85c11b2892b708ebe5a27327ddd0cd47a35e5db71872ee97497e3f6c/nativesdk-shadow/UNIHASH/relationship/8ab3e801221fa245fa57c6a728dc615f"}],"from":"http://spdx.org/spdxdocs/nativesdk-shadow-e7e73285-7a2e-53e2-94e2-47341af4a81e/0bb3302ddbccc2898be03e9c97f7f5c7509267a83e52797f5c67e6563aac1d69/package/nativesdk-shadow-dev","relationshipType":"dependsOn","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/f997d54101f63dc739b3f80c8f85689631f8b99b3b2045ae3c64a1e0fc104157/nativesdk-shadow/UNIHASH/package/nativesdk-shadow"],"scope":"runtime"}]}