* [PATCH 3/3] cve-check: improve comment about CVE patch file names
@ 2021-08-05 16:50 Michael Opdenacker
0 siblings, 0 replies; only message in thread
From: Michael Opdenacker @ 2021-08-05 16:50 UTC (permalink / raw)
To: openembedded-core; +Cc: Michael Opdenacker
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
meta/classes/cve-check.bbclass | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index bf7dd15c73..6582f97151 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -166,9 +166,12 @@ def get_patches_cves(d):
pn = d.getVar("PN")
cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
- # Matches last CVE-1234-211432 in the file name, also if written
- # with small letters. Not supporting multiple CVE id's in a single
- # file name.
+ # Matches the last "CVE-YYYY-ID" in the file name, also if written
+ # in lowercase. Possible to have multiple CVE IDs in a single
+ # file name, but only the last one will be detected from the file name.
+ # However, patch files contents addressing multiple CVE IDs are supported
+ # (cve_match regular expression)
+
cve_file_name_match = re.compile(".*([Cc][Vv][Ee]\-\d{4}\-\d+)")
patched_cves = set()
--
2.25.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-08-05 16:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-05 16:50 [PATCH 3/3] cve-check: improve comment about CVE patch file names Michael Opdenacker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.