From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0FC56C433F5 for ; Sun, 9 Jan 2022 16:33:33 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id BF18C40579; Sun, 9 Jan 2022 16:33:32 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1UoSWqaCAyUi; Sun, 9 Jan 2022 16:33:31 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp2.osuosl.org (Postfix) with ESMTP id DC74D400CD; Sun, 9 Jan 2022 16:33:30 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 04AEC1BF48B for ; Sun, 9 Jan 2022 16:33:29 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id E259F400CD for ; Sun, 9 Jan 2022 16:33:28 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J7zdlCNlBZXP for ; Sun, 9 Jan 2022 16:33:27 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.8.0 Received: from relay12.mail.gandi.net (relay12.mail.gandi.net [IPv6:2001:4b98:dc4:8::232]) by smtp2.osuosl.org (Postfix) with ESMTPS id 880B4400A8 for ; Sun, 9 Jan 2022 16:33:27 +0000 (UTC) Received: (Authenticated sender: thomas.petazzoni@bootlin.com) by relay12.mail.gandi.net (Postfix) with ESMTPSA id 04343200005; Sun, 9 Jan 2022 16:33:23 +0000 (UTC) Date: Sun, 9 Jan 2022 17:33:22 +0100 From: Thomas Petazzoni To: Gregory CLEMENT Message-ID: <20220109173322.7be771ad@windsurf> In-Reply-To: <20200921101515.132359-2-gregory.clement@bootlin.com> References: <20200921101515.132359-1-gregory.clement@bootlin.com> <20200921101515.132359-2-gregory.clement@bootlin.com> Organization: Bootlin X-Mailer: Claws Mail 4.0.0 (GTK+ 3.24.31; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Subject: Re: [Buildroot] [PATCH v5 1/3] support/script/pkg-stats: Manage the CVEs that need to be check X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Matt Weber , buildroot@buildroot.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" On Mon, 21 Sep 2020 12:15:13 +0200 Gregory CLEMENT wrote: > When looking for if a package is affected, the version comparison can > fail. This means that we don't know if the version of the package used > is affected or not and we need to check manually the version. > > This patch exposes this new information in json and html format. > > Signed-off-by: Gregory CLEMENT > --- > support/scripts/pkg-stats | 25 ++++++++++++++++++++++++- > 1 file changed, 24 insertions(+), 1 deletion(-) I finally applied this patch, but after renaming the concept from "CVEs to check" to "unsure CVEs", and listing them in the same column as normal CVEs in the HTML rendering, but with a "(unsure)" notice next to them. Thanks a lot! Thomas -- Thomas Petazzoni, CTO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot