From: Mariano Lopez <mariano.lopez@linux.intel.com>
To: akuster808 <akuster808@gmail.com>,
openembedded-core@lists.openembedded.org
Subject: Re: [PATCHv3 1/2] cve-check-tool: Add recipe
Date: Mon, 18 Jul 2016 17:04:36 -0500 [thread overview]
Message-ID: <578D5274.2070208@linux.intel.com> (raw)
In-Reply-To: <57856CDA.5070201@gmail.com>
On 07/12/2016 05:19 PM, akuster808 wrote:
> Mariano,
>
>
> On 07/11/2016 05:52 AM, mariano.lopez@linux.intel.com wrote:
>> From: Mariano Lopez <mariano.lopez@linux.intel.com>
>>
>> cve-check-tool is a program for public CVEs checking.
>> This tool also seek to determine if a vulnerability has
>> been addressed by a patch.
> By tool do you mean the "cve-check-tool"? All the Nvd DB can tell you if
> an CVE has been assigned, anything more than that is not guaranteed.
>
> Look at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5320
Sorry for the confusion, here I was referring to patches in OE that
address the CVE, the class will look for the CVE tag for this.
>
>> The recipe also includes the do_populate_cve_db task
>> that will populate the database used by the tool.
> This DB is big. May want to add a note to that affect. Maybe a note
> about how to share the DB across builds like with the AB.
You are right, the DB is big and it will take some time to download. By
default the tool will download the DB to DL_DIR, so if you have this dir
shared, it will be downloaded just one time, and incremental updates later.
>
> time for me to play with this.
>
> Thanks for driving this.
Glad to be helping with this.
> regards,
> Armin
>
Mariano
next prev parent reply other threads:[~2016-07-18 22:04 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-25 15:07 [PATCHv2 0/2] Add initial capability to check CVEs for recipes mariano.lopez
2016-02-25 15:07 ` [PATCHv2 1/2] cve-check-tool: Add recipe mariano.lopez
2016-02-25 15:07 ` [PATCHv2 2/2] cve-check.bbclass: Add class mariano.lopez
[not found] ` <cover.1468241364.git.mariano.lopez@linux.intel.com>
2016-07-11 12:52 ` [PATCHv3 1/2] cve-check-tool: Add recipe mariano.lopez
2016-07-12 22:19 ` akuster808
2016-07-18 22:04 ` Mariano Lopez [this message]
2016-07-11 12:52 ` [PATCHv3 2/2] cve-check.bbclass: Add class mariano.lopez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=578D5274.2070208@linux.intel.com \
--to=mariano.lopez@linux.intel.com \
--cc=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox