AM5716: LINUX sdk license and security vulnerabilities issue

Semon Zhang

Expert 8551 points

Part Number: AM5716

Tool/software:

customer use Blackduck to scan the TI Linux SDK 9.2 of AM5716, following is the scan result:

1. license issue:

info-risk.xlsx

2. some example of software leakage:

example one:

example two:

---------------------------------------

customer want to know:

a. provide risk analysis descriptio, impact scope, and solutions for component risks identified by the Black Duck tool.

b. regarding license risk components, particularity the terms of use and related legal risks of reciprocal license components such as GPL, or recommended solutions for such components.

c. repair of components with medium to high-risk vulnerabilities , such as the Linux kernel and u-boot

please help check this requirement and provide propose.

Thanks

Semon

23 days ago

0 Takuma Fujiwara 23 days ago

TI__Guru 50873 points

Hi Semon,

The engineer responsible is currently out of office. Please expect 1 business day delay in response.

Regards,

Takuma

0 Josue Zamitiz-Ayala 20 days ago in reply to Takuma Fujiwara

TI__Mastermind 31645 points

Hello Semon,

For A and C the following Disclaimer applies: https://software-dl.ti.com/processor-sdk-linux/esd/AM57X/09_03_06_05/exports/docs/linux/Overview_Technical_Support.html#open-source-software-support-disclaimer

And for B, customer would need to consult with an attorney/lawyer.

-Josue

Processors

Processors forum

AM5716: LINUX sdk license and security vulnerabilities issue