From: Mikko Rapeli <mikko.rapeli@linaro.org>
To: Jose Quaresma <quaresma.jose@gmail.com>
Cc: Marta Rybczynska <rybczynska@gmail.com>,
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH] cve-check.bbclass: support embedded SW components with different version number
Date: Fri, 20 Oct 2023 10:59:22 +0300 [thread overview]
Message-ID: <ZTIzWltUnl_Zm8Hg@nuoska> (raw)
In-Reply-To: <CANPvuRk8DGf9Labu0bD+2=vPZcb_E3StzBZ9TcS_TusiXM7ZBA@mail.gmail.com>
On Fri, Oct 20, 2023 at 08:56:43AM +0100, Jose Quaresma wrote:
> Mikko Rapeli <mikko.rapeli@linaro.org> escreveu no dia quinta, 19/10/2023
> �(s) 13:45:
>
> > Hi,
> >
> > Could something like this work?
> >
> > --- a/meta/lib/oe/cve_check.py
> > +++ b/meta/lib/oe/cve_check.py
> > @@ -140,15 +140,14 @@ def get_patched_cves(d):
> > return patched_cves
> >
> >
> > -def get_cpe_ids(cve_product, version):
> > +def get_cpe_ids(cve_product, cve_version):
> > """
> > Get list of CPE identifiers for the given product and version
> > """
> >
> > - version = version.split("+git")[0]
> > -
> > cpe_ids = []
> > for product in cve_product.split():
> > + version = (d.getVar("CVE_VERSION_%s" % product) or
> > cve_version).split("+git")[0]
> >
>
> Looks like your patch fixes the remaining issue
> but don't know if it will be better to get the CVE_VERSION_ after
> splitting the vendor from the product
This is now in v2. For the CVE_VERSION_%s, it uses what ever product was defined
in CVE_PRODUCT space separated list so it is used before vendor and product split.
Cheers,
-Mikko
prev parent reply other threads:[~2023-10-20 7:59 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-16 7:01 [PATCH] cve-check.bbclass: support embedded SW components with different version number Mikko Rapeli
2023-10-19 8:19 ` [OE-core] " Marta Rybczynska
2023-10-19 9:13 ` Mikko Rapeli
2023-10-19 11:54 ` Jose Quaresma
2023-10-19 12:21 ` Mikko Rapeli
2023-10-20 7:46 ` Jose Quaresma
[not found] ` <178F819D833CF586.20272@lists.openembedded.org>
2023-10-19 12:45 ` Mikko Rapeli
2023-10-20 7:56 ` Jose Quaresma
2023-10-20 7:59 ` Mikko Rapeli [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZTIzWltUnl_Zm8Hg@nuoska \
--to=mikko.rapeli@linaro.org \
--cc=openembedded-core@lists.openembedded.org \
--cc=quaresma.jose@gmail.com \
--cc=rybczynska@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.