* [PATCH 1/2] cve-check: fix comments
From: Michael Opdenacker @ 2021-08-05 10:27 UTC
To: openembedded-devel; +Cc: Michael Opdenacker
This implements various fixes in comments in cve-check.bbclass.
In particular, the "whitlisted" typo is important as the "whitelisted"
word is going to be replaced in the near future.
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
meta/classes/cve-check.bbclass | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index a3fc9c2623..acdf005a72 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -20,7 +20,7 @@
# the only method to check against CVEs. Running this tool
# doesn't guarantee your packages are free of CVEs.
-# The product name that the CVE database uses. Defaults to BPN, but may need to
+# The product name that the CVE database uses defaults to BPN, but may need to
# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
CVE_PRODUCT ??= "${BPN}"
CVE_VERSION ??= "${PV}"
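Review bot: The merged sentence on the first changed line reads worse than the original, because "The product name that the CVE database uses defaults to BPN" no longer separates what the variable is from what its default is. I would keep the two sentences as they were. Since this patch is about comment fixes, the following context line could also be corrected from "overriden" to "overridden".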
@@ -56,11 +56,11 @@ CVE_CHECK_WHITELIST ?= ""
# Layers to be excluded
CVE_CHECK_LAYER_EXCLUDELIST ??= ""
-# Layers to be included
+# Layers to be included
CVE_CHECK_LAYER_INCLUDELIST ??= ""
-# set to "alphabetical" for version using single alphabetical character as increament release
+# set to "alphabetical" for version using single alphabetical character as increment release
CVE_VERSION_SUFFIX ??= ""
python cve_save_summary_handler () {
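Review bot: The removed and added "# Layers to be included" lines look identical in this hunk, so this is presumably a trailing-whitespace change, and the commit message should say so. The CVE_VERSION_SUFFIX comment is also still hard to parse after the spelling fix; something like `# Set to "alphabetical" for versions that use a single alphabetical character as the incremental release` would read better.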
@@ -230,7 +230,7 @@ def check_cves(d, patched_cves):
return ([], [], [])
pv = d.getVar("CVE_VERSION").split("+git")[0]
- # If the recipe has been whitlisted we return empty lists
+ # If the recipe has been whitelisted we return empty lists
if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split():
bb.note("Recipe has been whitelisted, skipping check")
return ([], [], [])
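Review bot: The corrected comment above the CVE_CHECK_PN_WHITELIST test still only says that empty lists are returned, which hides the effect that matters to someone reading the results: the recipe is not checked at all, and `return ([], [], [])` is the same value as the earlier return visible at the top of this hunk. Suggest wording it along the lines of "the recipe is skipped and no CVE is reported for it". Since the commit message says the "whitelisted" wording is going to be replaced, the bb.note() string on the next line will need the same update.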
--
2.25.1
* [PATCH 2/2] cve-check: update link to NVD website for CVE details
From: Michael Opdenacker @ 2021-08-05 10:27 UTC
To: openembedded-devel; +Cc: Michael Opdenacker
The old URL schema
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-ID
now redirects to
https://nvd.nist.gov/vuln/detail/CVE-ID
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
meta/classes/cve-check.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index acdf005a72..bf7dd15c73 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -355,7 +355,7 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
if include_layers and layer not in include_layers:
return
- nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
+ nvd_link = "https://nvd.nist.gov/vuln/detail/"
write_string = ""
unpatched_cves = []
bb.utils.mkdirhier(os.path.dirname(cve_file))
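Review bot: The new nvd_link value only works because it ends in a slash and the CVE ID becomes a path segment instead of the vulnId query value, going by the two URL forms in the commit message. A short comment next to the assignment stating that the CVE ID is appended directly would keep a later edit from dropping the trailing slash.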
--
2.25.1
* Re: [oe] [PATCH 1/2] cve-check: fix comments
From: Khem Raj @ 2021-08-05 14:39 UTC
To: Michael Opdenacker, openembedded-devel
Hi Michael
Please send these patches to openembedded-core mailing list since these
are for core layer.
On 8/5/21 3:27 AM, Michael Opdenacker wrote:
> This implements various fixes in comments in cve-check.bbclass.
> In particular, the "whitlisted" typo is important as the "whitelisted"
> word is going to be replaced in the near future.
>
> Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
> ---
> meta/classes/cve-check.bbclass | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
> index a3fc9c2623..acdf005a72 100644
> --- a/meta/classes/cve-check.bbclass
> +++ b/meta/classes/cve-check.bbclass
> @@ -20,7 +20,7 @@
> # the only method to check against CVEs. Running this tool
> # doesn't guarantee your packages are free of CVEs.
>
> -# The product name that the CVE database uses. Defaults to BPN, but may need to
> +# The product name that the CVE database uses defaults to BPN, but may need to
> # be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
> CVE_PRODUCT ??= "${BPN}"
> CVE_VERSION ??= "${PV}"
> @@ -56,11 +56,11 @@ CVE_CHECK_WHITELIST ?= ""
> # Layers to be excluded
> CVE_CHECK_LAYER_EXCLUDELIST ??= ""
>
> -# Layers to be included
> +# Layers to be included
> CVE_CHECK_LAYER_INCLUDELIST ??= ""
>
>
> -# set to "alphabetical" for version using single alphabetical character as increament release
> +# set to "alphabetical" for version using single alphabetical character as increment release
> CVE_VERSION_SUFFIX ??= ""
>
> python cve_save_summary_handler () {
> @@ -230,7 +230,7 @@ def check_cves(d, patched_cves):
> return ([], [], [])
> pv = d.getVar("CVE_VERSION").split("+git")[0]
>
> - # If the recipe has been whitlisted we return empty lists
> + # If the recipe has been whitelisted we return empty lists
> if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split():
> bb.note("Recipe has been whitelisted, skipping check")
> return ([], [], [])
>
>
>
>
>
* Re: [oe] [PATCH 1/2] cve-check: fix comments
From: Michael Opdenacker @ 2021-08-05 15:49 UTC
To: Khem Raj, openembedded-devel
Hi Khem,
On 8/5/21 4:39 PM, Khem Raj wrote:
> Hi Michael
>
> Please send these patches to openembedded-core mailing list since
> these are for core layer.
Oops, my mistake. I confused the two lists. Thanks!
Michael.
--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
* [PATCH 2/2] cve-check: update link to NVD website for CVE details
From: Michael Opdenacker @ 2021-08-05 15:51 UTC
To: openembedded-core; +Cc: Michael Opdenacker
The old URL schema
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-ID
now redirects to
https://nvd.nist.gov/vuln/detail/CVE-ID
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
meta/classes/cve-check.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index acdf005a72..bf7dd15c73 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -355,7 +355,7 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
if include_layers and layer not in include_layers:
return
- nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
+ nvd_link = "https://nvd.nist.gov/vuln/detail/"
write_string = ""
unpatched_cves = []
bb.utils.mkdirhier(os.path.dirname(cve_file))
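Review bot: nvd_link stays a hard-coded string inside cve_write_data(), so the next change to the NVD URL layout will again need a patch to the class. Consider moving the base URL to a variable with a default next to the other CVE_* settings, so that it can be overridden from configuration.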
--
2.25.1