On Thu, Nov 28, 2024 at 11:58:41AM +0000, Richard Purdie via lists.openembedded.org wrote: > On Thu, 2024-11-28 at 12:56 +0100, Mathieu Dubois-Briand via > lists.openembedded.org wrote: > > On Wed, Nov 27, 2024 at 12:59:45PM +0000, Colin McAllister via > > lists.openembedded.org wrote: > > > The database used by cve-check currently stores the access vector > > > and > > > vector string for the oldest CVSS version for each CVE. This should > > > be > > > reversed, where the newest possible CVSS version is included > > > instead. > > > > > > Signed-off-by: Colin McAllister <[email protected]> > > > > Hi, > > > > I believe this patch breaks some selftests: > > > > 2024-11-28 13:29:06,536 - oe-selftest - INFO - > > cve_check.CVECheck.test_image_json (subunit.RemotedTestCase) > > 2024-11-28 13:29:06,539 - oe-selftest - INFO - ... FAIL > > > > https://valkyrie.yoctoproject.org/#/builders/48/builds/463/steps/14/logs/stdio > > > > Is that not from the ongoing NVD issues meaning we can't actually > obtain a new updated database? :/ > > Cheers, > > Richard > >
It might be. I don't see any issue with the patch itself, so it might be an external factor. -- Mathieu Dubois-Briand, Bootlin Embedded Linux and Kernel engineering https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#207987): https://lists.openembedded.org/g/openembedded-core/message/207987 Mute This Topic: https://lists.openembedded.org/mt/109805499/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
