From: Daniel Turull <[email protected]>
This allow to include additional information if one of the
sources is more complete. Updating description with more
up to date information and including summary.
For example:
Before while using cve_check:
{
"id": "CVE-2025-68167",
"status": "Patched",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-68167";,
"detail": "fixed-version",
"description": "Fixed from version 6.18"
},
After:
{
"id": "CVE-2025-68167",
"status": "Patched",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-68167";,
"detail": "fixed-version",
"description": "Fixed from version 6.18",
"summary": "In the Linux kernel, the following (...)"
},
Signed-off-by: Daniel Turull <[email protected]>
---
scripts/contrib/improve_kernel_cve_report.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/scripts/contrib/improve_kernel_cve_report.py
b/scripts/contrib/improve_kernel_cve_report.py
index 50d25b2239..903de0000c 100755
--- a/scripts/contrib/improve_kernel_cve_report.py
+++ b/scripts/contrib/improve_kernel_cve_report.py
@@ -358,6 +358,7 @@ def cve_update(cve_data, cve, entry):
cve_data[cve] = copy_data(cve_data[cve], entry)
return
if cve_data[cve]['status'] == entry['status']:
+ cve_data[cve] = copy_data(cve_data[cve], entry)
return
if entry['status'] == "Unpatched" and cve_data[cve]['status'] == "Patched":
# Backported-patch (e.g. vendor kernel repo with cherry-picked CVE
patch)
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#230525):
https://lists.openembedded.org/g/openembedded-core/message/230525
Mute This Topic: https://lists.openembedded.org/mt/117633908/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
