I don't see the point in logging native, nativesdk etc.
The bottom line is the BPN has the issue.

Allow folks to filter out those other package name variations via
CVE_CHECK_MANIFEST_FILTER

Signed-off-by: Armin Kuster <akuster...@gmail.com>
---
 meta/classes/cve-check.bbclass | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 112ee3379d3..0d33d5a530c 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -59,6 +59,7 @@ CVE_CHECK_LAYER_EXCLUDELIST ??= ""
 # Layers to be included 
 CVE_CHECK_LAYER_INCLUDELIST ??= ""
 
+CVE_CHECK_MANIFEST_FILTER ??="0"
 
 # set to "alphabetical" for version using single alphabetical character as 
increament release
 CVE_VERSION_SUFFIX ??= ""
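
Review bot: the added CVE_CHECK_MANIFEST_FILTER ??="0" line has no comment, unlike CVE_CHECK_LAYER_INCLUDELIST just above it, and its name suggests it only affects the manifest. Add a comment stating that "1" skips every recipe whose PN differs from BPN, and write the assignment as ??= "0" to match the spacing of the neighbouring variables.
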
@@ -96,6 +97,13 @@ python do_cve_check () {
     """
 
     if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
+        if d.getVar("CVE_CHECK_MANIFEST_FILTER") == "1":
+            # drop native, nativesdk, cross, etc
+            bpn = d.getVar("BPN")
+            pn = d.getVar("PN")
+            if bpn != pn:
+               return
+
         try:
             patched_cves = get_patches_cves(d)
         except FileNotFoundError:
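
Review bot: the "if bpn != pn: return" added at the start of do_cve_check exits the whole task before get_patches_cves() runs, so with the filter enabled these variants are not checked at all, rather than being checked and left out of the manifest. A recipe that is only ever built with PN different from BPN (for example a native-only recipe) would then never be reported; consider running the check and filtering only where the manifest entry is written, or state this behaviour in the variable's documentation. The "return" line is also indented by three spaces instead of four.
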
@@ -164,6 +172,7 @@ def get_patches_cves(d):
     import re
 
     pn = d.getVar("PN")
+
     cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
 
     # Matches last CVE-1234-211432 in the file name, also if written
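
Review bot: the only change in this get_patches_cves hunk is a blank line added after pn = d.getVar("PN"), which is unrelated to the filter. Drop it from the patch so the change stays limited to the new variable and its check.
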
-- 
2.25.1
