Hi, On Mon, Feb 15, 2021 at 10:42:54PM +0000, akuster wrote: > I don't see the point in logging native, nativesdk etc. > The bottom line is the BPN has the issue.
There have been several cases where different build targets were applying different patches, e.g. CVE patched not applied in -native or -nativesdk build of the recipe. That aside, I think this patch is ok. > Allow folks to filter out those other package name variations via > CVE_CHECK_MANIFEST_FILTER > > Signed-off-by: Armin Kuster <[email protected]> > > -- > [V2] > rename varible to CVE_CHECK_FILTER_BUILD_TOOLS > --- > meta/classes/cve-check.bbclass | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass > index 112ee3379d3..1bed815d8e4 100644 > --- a/meta/classes/cve-check.bbclass > +++ b/meta/classes/cve-check.bbclass > @@ -59,6 +59,7 @@ CVE_CHECK_LAYER_EXCLUDELIST ??= "" > # Layers to be included > CVE_CHECK_LAYER_INCLUDELIST ??= "" > > +CVE_CHECK_FILTER_BUILD_TOOLS ??="0" > > # set to "alphabetical" for version using single alphabetical character as > increament release > CVE_VERSION_SUFFIX ??= "" > @@ -96,6 +97,13 @@ python do_cve_check () { > """ > > if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")): > + if d.getVar("CVE_CHECK_FILTER_BUILD_TOOLS") == "1": > + # drop native, nativesdk, cross, etc > + bpn = d.getVar("BPN") > + pn = d.getVar("PN") > + if bpn != pn: > + return > + > try: > patched_cves = get_patches_cves(d) > except FileNotFoundError: > @@ -164,6 +172,7 @@ def get_patches_cves(d): > import re > > pn = d.getVar("PN") > + This hunk is not needed. For the rest, Acked-by: Mikko Rapeli <[email protected]> Cheers, -Mikko > cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+") > > # Matches last CVE-1234-211432 in the file name, also if written > -- > 2.25.1 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#148165): https://lists.openembedded.org/g/openembedded-core/message/148165 Mute This Topic: https://lists.openembedded.org/mt/80666339/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
