Sorry that I missed that during my review.
I have sent a patch for this now.
Peter
> -----Original Message-----
> From: openembedded-core@lists.openembedded.org
> <openembedded-core@lists.openembedded.org> On Behalf Of Steve Sakoman via
> lists.openembedded.org
> Sent: Sunday, July 23, 2023 16:29
> To: Patches and discussions about the oe-core layer
> <openembedded-core@lists.openembedded.org>;
> yocto-secur...@lists.yoctoproject.org
> Subject: [OE-core] OE-core CVE metrics for master on Sun 23 Jul 2023
>
> CVE check script failed this week with the following error:
>
> ERROR: Unable to parse
> /home/steve/builds/cve/poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py
> Traceback (most recent call last):
> File
> "/home/steve/builds/cve/poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py",
> line 200, in feeder(lineno=125, s='CVE_STATUS[CVE-2020-18974] =
> "upstream-wontfix: It is a fuzzing related buffer overflow. It is of low
> impact since most devices',
> fn='conf/distro/include/cve-extra-exclusions.inc', statements=[<bb.pa>
>
> > raise ParseError("unparsed line: '%s'" % s, fn, lineno);
>
> bb.parse.ParseError: ParseError at
> conf/distro/include/cve-extra-exclusions.inc:125: unparsed line:
> 'CVE_STATUS[CVE-2020-18974] = "upstream-wontfix: It is a fuzzing related
> buffer overflow. It is of low impact since most devices'
>
> This seems to be due to the lack of terminating "\" characters on the
> multiline entry for this CVE in the following commit:
>
> https://git.openembedded.org/openembedded-core/commit/?id=1634ed4048cf56788cd5c2c1bdc979b70afcdcd7
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#184764):
https://lists.openembedded.org/g/openembedded-core/message/184764
Mute This Topic: https://lists.openembedded.org/mt/100311685/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
