* [PATCH 1/2] cve-check: fix comments
@ 2021-08-05 10:27 Michael Opdenacker
2021-08-05 10:27 ` [PATCH 2/2] cve-check: update link to NVD website for CVE details Michael Opdenacker
2021-08-05 14:39 ` [oe] [PATCH 1/2] cve-check: fix comments Khem Raj
0 siblings, 2 replies; 4+ messages in thread
From: Michael Opdenacker @ 2021-08-05 10:27 UTC
To: openembedded-devel; +Cc: Michael Opdenacker
This implements various fixes in comments in cve-check.bbclass.
In particular, the "whitlisted" typo is important as the "whitelisted"
word is going to be replaced in the near future.
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
meta/classes/cve-check.bbclass | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index a3fc9c2623..acdf005a72 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -20,7 +20,7 @@
# the only method to check against CVEs. Running this tool
# doesn't guarantee your packages are free of CVEs.
-# The product name that the CVE database uses. Defaults to BPN, but may need to
+# The product name that the CVE database uses defaults to BPN, but may need to
# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
CVE_PRODUCT ??= "${BPN}"
CVE_VERSION ??= "${PV}"
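Review bot: The context line directly below the changed comment still reads "overriden"; as this patch is about comment fixes, correct it to "overridden" in the same hunk. The reworded first line is also harder to parse than the original, because "uses defaults" now runs together; keeping the full stop, or writing "The product name used by the CVE database. Defaults to BPN, but ..." reads more clearly for recipe authors deciding whether to set CVE_PRODUCT.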
@@ -56,11 +56,11 @@ CVE_CHECK_WHITELIST ?= ""
# Layers to be excluded
CVE_CHECK_LAYER_EXCLUDELIST ??= ""
-# Layers to be included
+# Layers to be included
CVE_CHECK_LAYER_INCLUDELIST ??= ""
-# set to "alphabetical" for version using single alphabetical character as increament release
+# set to "alphabetical" for version using single alphabetical character as increment release
CVE_VERSION_SUFFIX ??= ""
python cve_save_summary_handler () {
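Review bot: The "Layers to be included" line is removed and re-added with no visible difference, so this looks like a whitespace-only change; say so in the commit message so it is not taken for noise. On the CVE_VERSION_SUFFIX comment, fixing "increament" helps, but the sentence is still hard to read: consider "Set to "alphabetical" for versions that use a single alphabetical character as the release increment".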
@@ -230,7 +230,7 @@ def check_cves(d, patched_cves):
return ([], [], [])
pv = d.getVar("CVE_VERSION").split("+git")[0]
- # If the recipe has been whitlisted we return empty lists
+ # If the recipe has been whitelisted we return empty lists
if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split():
bb.note("Recipe has been whitelisted, skipping check")
return ([], [], [])
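Review bot: In check_cves, the skip path returns ([], [], []), the same value as the early return visible at the top of this hunk, so a caller cannot tell a skipped recipe from one with nothing to report. As the comment is being touched anyway, it could state that explicitly, for example "the recipe is skipped, not checked, and empty lists are returned". The bb.note string on the line after the condition carries the same "whitelisted" wording and will need to follow when the term is replaced.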
--
2.25.1
* [PATCH 2/2] cve-check: update link to NVD website for CVE details
From: Michael Opdenacker @ 2021-08-05 10:27 UTC
To: openembedded-devel; +Cc: Michael Opdenacker
The old URL schema
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-ID
now redirects to
https://nvd.nist.gov/vuln/detail/CVE-ID
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
meta/classes/cve-check.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index acdf005a72..bf7dd15c73 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -355,7 +355,7 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
if include_layers and layer not in include_layers:
return
- nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
+ nvd_link = "https://nvd.nist.gov/vuln/detail/"
write_string = ""
unpatched_cves = []
bb.utils.mkdirhier(os.path.dirname(cve_file))
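Review bot: The new nvd_link value ends in a path separator instead of the "vulnId=" query parameter, so the CVE ID now has to be appended directly after the trailing slash; a short comment on this line saying so would stop a later cleanup from dropping the slash and producing broken links in the report. The place where the ID is appended is outside this hunk, so it is also worth confirming that nothing else in the class still builds the old web.nvd.nist.gov form.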
--
2.25.1
* Re: [oe] [PATCH 1/2] cve-check: fix comments
From: Khem Raj @ 2021-08-05 14:39 UTC
To: Michael Opdenacker, openembedded-devel
Hi Michael
Please send these patches to openembedded-core mailing list since these
are for core layer.
On 8/5/21 3:27 AM, Michael Opdenacker wrote:
> This implements various fixes in comments in cve-check.bbclass.
> In particular, the "whitlisted" typo is important as the "whitelisted"
> word is going to be replaced in the near future.
>
> Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
> ---
> meta/classes/cve-check.bbclass | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
> index a3fc9c2623..acdf005a72 100644
> --- a/meta/classes/cve-check.bbclass
> +++ b/meta/classes/cve-check.bbclass
> @@ -20,7 +20,7 @@
> # the only method to check against CVEs. Running this tool
> # doesn't guarantee your packages are free of CVEs.
>
> -# The product name that the CVE database uses. Defaults to BPN, but may need to
> +# The product name that the CVE database uses defaults to BPN, but may need to
> # be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
> CVE_PRODUCT ??= "${BPN}"
> CVE_VERSION ??= "${PV}"
> @@ -56,11 +56,11 @@ CVE_CHECK_WHITELIST ?= ""
> # Layers to be excluded
> CVE_CHECK_LAYER_EXCLUDELIST ??= ""
>
> -# Layers to be included
> +# Layers to be included
> CVE_CHECK_LAYER_INCLUDELIST ??= ""
>
>
> -# set to "alphabetical" for version using single alphabetical character as increament release
> +# set to "alphabetical" for version using single alphabetical character as increment release
> CVE_VERSION_SUFFIX ??= ""
>
> python cve_save_summary_handler () {
> @@ -230,7 +230,7 @@ def check_cves(d, patched_cves):
> return ([], [], [])
> pv = d.getVar("CVE_VERSION").split("+git")[0]
>
> - # If the recipe has been whitlisted we return empty lists
> + # If the recipe has been whitelisted we return empty lists
> if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split():
> bb.note("Recipe has been whitelisted, skipping check")
> return ([], [], [])
>
>
>
>
>
* Re: [oe] [PATCH 1/2] cve-check: fix comments
From: Michael Opdenacker @ 2021-08-05 15:49 UTC
To: Khem Raj, openembedded-devel
Hi Khem,
On 8/5/21 4:39 PM, Khem Raj wrote:
> Hi Michael
>
> Please send these patches to openembedded-core mailing list since
> these are for core layer.
Oops, my mistake. I confused the two lists. Thanks!
Michael.
--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com