diff options
| author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-02-16 20:33:47 +0000 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-02-21 23:37:27 +0000 |
| commit | 71ef3191938da772b07274165dd3a85c2ed011f1 (patch) | |
| tree | fd830ada451fec669352cb0dfc1bb316ea9cefd8 /meta/classes/cve-check.bbclass | |
| parent | 5a3d6c7bda0f158473c82d1c38ae2df26192dccb (diff) | |
| download | poky-71ef3191938da772b07274165dd3a85c2ed011f1.tar.gz | |
meta/scripts: Automated conversion of OE renamed variables
(From OE-Core rev: aa52af4518604b5bf13f3c5e885113bf868d6c81)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/cve-check.bbclass')
| -rw-r--r-- | meta/classes/cve-check.bbclass | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 21d3da7974..2d69aeba4b 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass | |||
| @@ -44,14 +44,14 @@ CVE_CHECK_CREATE_MANIFEST ??= "1" | |||
| 44 | CVE_CHECK_REPORT_PATCHED ??= "1" | 44 | CVE_CHECK_REPORT_PATCHED ??= "1" |
| 45 | 45 | ||
| 46 | # Whitelist for packages (PN) | 46 | # Whitelist for packages (PN) |
| 47 | CVE_CHECK_PN_WHITELIST ?= "" | 47 | CVE_CHECK_SKIP_RECIPE ?= "" |
| 48 | 48 | ||
| 49 | # Whitelist for CVE. If a CVE is found, then it is considered patched. | 49 | # Whitelist for CVE. If a CVE is found, then it is considered patched. |
| 50 | # The value is a string containing space separated CVE values: | 50 | # The value is a string containing space separated CVE values: |
| 51 | # | 51 | # |
| 52 | # CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234' | 52 | # CVE_CHECK_IGNORE = 'CVE-2014-2524 CVE-2018-1234' |
| 53 | # | 53 | # |
| 54 | CVE_CHECK_WHITELIST ?= "" | 54 | CVE_CHECK_IGNORE ?= "" |
| 55 | 55 | ||
| 56 | # Layers to be excluded | 56 | # Layers to be excluded |
| 57 | CVE_CHECK_LAYER_EXCLUDELIST ??= "" | 57 | CVE_CHECK_LAYER_EXCLUDELIST ??= "" |
| @@ -178,11 +178,11 @@ def check_cves(d, patched_cves): | |||
| 178 | pv = d.getVar("CVE_VERSION").split("+git")[0] | 178 | pv = d.getVar("CVE_VERSION").split("+git")[0] |
| 179 | 179 | ||
| 180 | # If the recipe has been whitelisted we return empty lists | 180 | # If the recipe has been whitelisted we return empty lists |
| 181 | if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split(): | 181 | if pn in d.getVar("CVE_CHECK_SKIP_RECIPE").split(): |
| 182 | bb.note("Recipe has been whitelisted, skipping check") | 182 | bb.note("Recipe has been whitelisted, skipping check") |
| 183 | return ([], [], []) | 183 | return ([], [], []) |
| 184 | 184 | ||
| 185 | cve_whitelist = d.getVar("CVE_CHECK_WHITELIST").split() | 185 | cve_whitelist = d.getVar("CVE_CHECK_IGNORE").split() |
| 186 | 186 | ||
| 187 | import sqlite3 | 187 | import sqlite3 |
| 188 | db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") | 188 | db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") |