On Wed, May 18, 2022 at 12:33 PM Richard Purdie
wrote:
>
> On Wed, 2022-05-18 at 02:46 -0700, akash hadke via
> lists.openembedded.org wrote:
> > Hi Richard,
> >
> > I tried modifying the cve-check.bbclass but did not able to get the
> > solution for disabling the NVD data, because when we inherit
On Wed, 2022-05-18 at 02:46 -0700, akash hadke via
lists.openembedded.org wrote:
> Hi Richard,
>
> I tried modifying the cve-check.bbclass but did not able to get the
> solution for disabling the NVD data, because when we inherit cve-
> check it executes the cve_check task that checks CVEs from NV
Hi Richard,
I tried modifying the cve-check.bbclass but did not able to get the solution
for disabling the NVD data, because when we inherit cve-check it executes the
cve_check task that checks CVEs from NVD DB. So I am also not sure how to
disable it hence I used the separate bbclass.
-=-=-=-
On Tue, 2022-05-17 at 11:42 +, akash hadke via lists.openembedded.org wrote:
> Actually, I wanted to add the ignored and patched CVEs in
> buildhistory and for that purpose, I am exporting variables
> CVE_IGNORED and CVE_PATCHED with those values. I don't want to use
> cve-check.bbclass as it c
Hi Marta,
If you see the code from the succeeding patch to this
https://lists.openembedded.org/g/openembedded-core/message/165502 here I have
checked if cve-extra-exclusions.inc is included or not. If it is not included
then the code will not get executed.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You re
ve-check.
Kind regards,
Marta
>
> Best Regards,
> Akash
>
> From: Marta Rybczynska
> Sent: 17 May 2022 14:42
> To: Akash Hadke
> Cc: OE-core ; Ranjitsinh Rathod
> ; Akash Hadke
> Subject: Re: [OE-core] [poky][master][PATCH 1/3] cve_check.py: Add new method
> get_ig
onent recipe. Hence, I have did the changes to exclude
CVEs from cve-extra-exclusions.inc
Best Regards,
Akash
From: Marta Rybczynska
Sent: 17 May 2022 14:42
To: Akash Hadke
Cc: OE-core ; Ranjitsinh Rathod
; Akash Hadke
Subject: Re: [OE-core] [poky][master][PATC
On Wed, May 11, 2022 at 4:37 PM akash hadke via lists.openembedded.org
wrote:
>
> Add new method get_ignored_cves in cve_check.py
> to get ignored CVEs from recipe by excluding distro-wide
> ignored CVEs from meta/conf/distro/include/cve-extra-exclusions.inc
>
> While calling this method use below
Add new method get_ignored_cves in cve_check.py
to get ignored CVEs from recipe by excluding distro-wide
ignored CVEs from meta/conf/distro/include/cve-extra-exclusions.inc
While calling this method use below code to get argument values
paths = d.getVar('PATH').split(':')
cves = d.getVar('CVE_CHEC