From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH v3 3/8] package/pkg-utils: show-info: report the list of the CVEs ignored
Date: Fri, 28 Aug 2020 10:51:35 +0200 [thread overview]
Message-ID: <20200828105135.569dc44a@windsurf.home> (raw)
In-Reply-To: <20200724154356.2607639-4-gregory.clement@bootlin.com>
On Fri, 24 Jul 2020 17:43:51 +0200
Gregory CLEMENT <gregory.clement@bootlin.com> wrote:
> Add the list of the CVEs to ignore for each package because they
> already have a fix for it.
>
> This information will be useful for a cve-checker.
>
> Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Hello, I have applied to next, after tweaking a bit the code.
> ---
> package/pkg-utils.mk | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/package/pkg-utils.mk b/package/pkg-utils.mk
> index d88a14ab0f..21b415cbf3 100644
> --- a/package/pkg-utils.mk
> +++ b/package/pkg-utils.mk
> @@ -117,7 +117,10 @@ define _json-info-pkg
> $(call make-comma-list,$(sort $($(1)_FINAL_ALL_DEPENDENCIES)))
> ],
> "reverse_dependencies": [
> - $(call make-comma-list,$(sort $($(1)_RDEPENDENCIES)))
> + $(call make-comma-list,$(sort $($(1)_RDEPENDENCIES))),
Adding the final comma on this line was not needed.
> + ],
> + "ignore_cves": [
> + $(call make-comma-list,$(sort $($(1)_IGNORE_CVES)))
> ]
I changed to only emit the ignore_cves property if there are ignored
CVEs, like this:
+ $(if $($(1)_IGNORE_CVES),
+ $(comma) "ignore_cves": [
+ $(call make-comma-list,$(sort $($(1)_IGNORE_CVES)))
+ ]
+ )
Do not hesitate to check if it still works for you. It does for me :-)
Thanks,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
next prev parent reply other threads:[~2020-08-28 8:51 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-24 15:43 [Buildroot] [PATCH v3 0/8] Improving CVE reporting Gregory CLEMENT
2020-07-24 15:43 ` [Buildroot] [PATCH v3 1/8] support/scripts: Turn CVE check into a module Gregory CLEMENT
2020-08-28 7:18 ` Thomas Petazzoni
2020-07-24 15:43 ` [Buildroot] [PATCH v3 2/8] support/scripts/cve.py: Switch to JSON 1.1 Gregory CLEMENT
2020-08-28 7:34 ` Thomas Petazzoni
2020-07-24 15:43 ` [Buildroot] [PATCH v3 3/8] package/pkg-utils: show-info: report the list of the CVEs ignored Gregory CLEMENT
2020-08-28 8:51 ` Thomas Petazzoni [this message]
2020-07-24 15:43 ` [Buildroot] [PATCH v3 4/8] support/script: Make CVE class independent of the Pacakage class Gregory CLEMENT
2020-08-28 9:03 ` Thomas Petazzoni
2020-07-24 15:43 ` [Buildroot] [PATCH v3 5/8] support/scripts: Add a per configuration CVE checker Gregory CLEMENT
2020-07-29 18:03 ` Matthew Weber
2020-08-28 9:45 ` Thomas Petazzoni
2020-07-24 15:43 ` [Buildroot] [PATCH v3 6/8] support/script/pkg-stats: Manage the CVEs that need to be check Gregory CLEMENT
2020-07-24 15:43 ` [Buildroot] [PATCH v3 7/8] support/script/cve-checker: " Gregory CLEMENT
2020-07-24 15:43 ` [Buildroot] [PATCH v3 8/8] package/pkg-utils/cve.py: Manage case when package version doesn't exist Gregory CLEMENT
2020-07-28 7:52 ` [Buildroot] [PATCH v3 0/8] Improving CVE reporting Thomas Petazzoni
2020-07-28 22:07 ` Titouan Christophe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200828105135.569dc44a@windsurf.home \
--to=thomas.petazzoni@bootlin.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox