From: "Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)" <hetpat@cisco.com>
To: openembedded-core@lists.openembedded.org
Cc: xe-linux-external@cisco.com, vchavda@cisco.com
Subject: [OE-core] [scarthgap] [PATCH v1 0/4] cve-check: fix incorrect CVE assessments and runtime warnings - cover letter
Date: Tue, 17 Mar 2026 22:39:02 -0700 [thread overview]
Message-ID: <20260318053906.26606-1-hetpat@cisco.com> (raw)
From: Het Patel <hetpat@cisco.com>
The patches address the following bugs:
1. Incomplete CVE Assessment Details: Currently, the `detail` field is missing for approximately 81% of entries, rendering reports unreliable for auditing. These changes ensure that the rationale for a "Patched" or "Unpatched" assessment is properly recorded, allowing for a clear distinction between version-based assessments and missing data.
2. Runtime Warnings: Corrects four instances where debug calls were missing the required log level parameter. This change eliminates the runtime warnings that currently trigger during every CVE scan.
Testing:
- Applied cleanly to the current `scarthgap` HEAD.
- Verified via a full CVE scan.
- Confirmed that all existing CVE statuses are preserved with no regressions observed.
Het Patel (4):
cve-check: encode affected product/vendor in CVE_STATUS
cve-check: annotate CVEs during analysis
cve-check-map: add new statuses
cve-check: fix debug message
meta/classes/cve-check.bbclass | 246 +++++++++++++++++++++--------------------
meta/conf/cve-check-map.conf | 9 +
meta/lib/oe/cve_check.py | 74 +++++++++---
3 files changed, 197 insertions(+), 132 deletions(-)
next reply other threads:[~2026-03-18 5:39 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-18 5:39 Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco) [this message]
2026-03-18 5:39 ` [OE-core] [scarthgap] [PATCH v1 1/4] cve-check: encode affected product/vendor in CVE_STATUS Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 7:31 ` Marko, Peter (FT D EU SK BFS1)
2026-03-18 12:54 ` Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 5:39 ` [OE-core] [scarthgap] [PATCH v1 2/4] cve-check: annotate CVEs during analysis Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 7:38 ` Marko, Peter (FT D EU SK BFS1)
2026-03-18 12:55 ` Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 5:39 ` [OE-core] [scarthgap] [PATCH v1 3/4] cve-check-map: add new statuses Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 5:39 ` [OE-core] [scarthgap] [PATCH v1 4/4] cve-check: fix debug message Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 11:07 ` [OE-core] [scarthgap] [PATCH v1 0/4] cve-check: fix incorrect CVE assessments and runtime warnings - cover letter Yoann Congal
2026-03-18 12:57 ` Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-03-18 13:10 ` Yoann Congal
2026-03-18 13:15 ` Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260318053906.26606-1-hetpat@cisco.com \
--to=hetpat@cisco.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=vchavda@cisco.com \
--cc=xe-linux-external@cisco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox