Re: [OE-core][PATCH V2] ovmf: set CVE_PRODUCT and CVE_VERSION
On Wed, 2024-03-27 at 11:47 +0800, Chen Qi via lists.openembedded.org wrote: > ping > > On 3/6/24 14:54, Chen Qi via lists.openembedded.org wrote: > > From: Chen Qi > > > > Set CVE_PRODUCT and CVE_VERSION for ovmf. NVD uses 'edk2' and the > > version should be the date only. Here's an example: > > https://nvd.nist.gov/vuln/detail/CVE-2023-45232 > > > > Signed-off-by: Chen Qi > > --- > > meta/recipes-core/ovmf/ovmf_git.bb | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes- > > core/ovmf/ovmf_git.bb > > index 3dc031d3b6..5b1353b8e8 100644 > > --- a/meta/recipes-core/ovmf/ovmf_git.bb > > +++ b/meta/recipes-core/ovmf/ovmf_git.bb > > @@ -30,6 +30,9 @@ PV = "edk2-stable202308" > > SRCREV = "819cfc6b42a68790a23509e4fcc58ceb70e1965e" > > UPSTREAM_CHECK_GITTAGREGEX = "(?Pedk2-stable.*)" > > > > +CVE_PRODUCT = "edk2" > > +CVE_VERSION = "${@d.getVar('PV').split('stable')[1]}" > > + > > inherit deploy I did merge this but it breaks the cve checks: https://autobuilder.yoctoproject.org/typhoon/#/builders/138/builds/1443/steps/15/logs/warnings This needs to be fixed ASAP. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197977): https://lists.openembedded.org/g/openembedded-core/message/197977 Mute This Topic: https://lists.openembedded.org/mt/104761710/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][PATCH V2] ovmf: set CVE_PRODUCT and CVE_VERSION
ping On 3/6/24 14:54, Chen Qi via lists.openembedded.org wrote: From: Chen Qi Set CVE_PRODUCT and CVE_VERSION for ovmf. NVD uses 'edk2' and the version should be the date only. Here's an example: https://nvd.nist.gov/vuln/detail/CVE-2023-45232 Signed-off-by: Chen Qi --- meta/recipes-core/ovmf/ovmf_git.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb index 3dc031d3b6..5b1353b8e8 100644 --- a/meta/recipes-core/ovmf/ovmf_git.bb +++ b/meta/recipes-core/ovmf/ovmf_git.bb @@ -30,6 +30,9 @@ PV = "edk2-stable202308" SRCREV = "819cfc6b42a68790a23509e4fcc58ceb70e1965e" UPSTREAM_CHECK_GITTAGREGEX = "(?Pedk2-stable.*)" +CVE_PRODUCT = "edk2" +CVE_VERSION = "${@d.getVar('PV').split('stable')[1]}" + inherit deploy PARALLEL_MAKE = "" -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197547): https://lists.openembedded.org/g/openembedded-core/message/197547 Mute This Topic: https://lists.openembedded.org/mt/104761710/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][PATCH V2] ovmf: set CVE_PRODUCT and CVE_VERSION
From: Chen Qi Set CVE_PRODUCT and CVE_VERSION for ovmf. NVD uses 'edk2' and the version should be the date only. Here's an example: https://nvd.nist.gov/vuln/detail/CVE-2023-45232 Signed-off-by: Chen Qi --- meta/recipes-core/ovmf/ovmf_git.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb index 3dc031d3b6..5b1353b8e8 100644 --- a/meta/recipes-core/ovmf/ovmf_git.bb +++ b/meta/recipes-core/ovmf/ovmf_git.bb @@ -30,6 +30,9 @@ PV = "edk2-stable202308" SRCREV = "819cfc6b42a68790a23509e4fcc58ceb70e1965e" UPSTREAM_CHECK_GITTAGREGEX = "(?Pedk2-stable.*)" +CVE_PRODUCT = "edk2" +CVE_VERSION = "${@d.getVar('PV').split('stable')[1]}" + inherit deploy PARALLEL_MAKE = "" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#196659): https://lists.openembedded.org/g/openembedded-core/message/196659 Mute This Topic: https://lists.openembedded.org/mt/104761710/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-