* [Buildroot] [git commit] support/scripts/cve.py: use proper CPE ID version when available
@ 2021-04-18 16:20 Thomas Petazzoni
2021-04-26 9:43 ` Peter Korsgaard
0 siblings, 1 reply; 2+ messages in thread
From: Thomas Petazzoni @ 2021-04-18 16:20 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=d06bf960977a95df9e6da9523ffbbd93fa7f920c
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
support/scripts/cve.py | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/support/scripts/cve.py b/support/scripts/cve.py
index 965fc2a466..13c29fabe0 100755
--- a/support/scripts/cve.py
+++ b/support/scripts/cve.py
@@ -229,6 +229,11 @@ class CVE:
# if we don't have a cpeid, build one based on name and version
if not cpeid:
cpeid = "cpe:2.3:*:*:%s:%s:*:*:*:*:*:*:*" % (name, version)
+ # if we have a cpeid, use its version instead of the package
+ # version, as they might be different due to
+ # <pkg>_CPE_ID_VERSION
+ else:
+ pkg_version = distutils.version.LooseVersion(cpe_version(cpeid))
for cpe in self.each_cpe():
if not cpe_matches(cpe['id'], cpeid):
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Buildroot] [git commit] support/scripts/cve.py: use proper CPE ID version when available
2021-04-18 16:20 [Buildroot] [git commit] support/scripts/cve.py: use proper CPE ID version when available Thomas Petazzoni
@ 2021-04-26 9:43 ` Peter Korsgaard
0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2021-04-26 9:43 UTC (permalink / raw)
To: buildroot
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:
> commit: https://git.buildroot.net/buildroot/commit/?id=d06bf960977a95df9e6da9523ffbbd93fa7f920c
> branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Committed to 2021.02.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-04-26 9:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-18 16:20 [Buildroot] [git commit] support/scripts/cve.py: use proper CPE ID version when available Thomas Petazzoni
2021-04-26 9:43 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.