summaryrefslogtreecommitdiffstats
path: root/meta/classes/linuxloader.bbclass
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2019-11-24 15:50:13 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-11-25 21:37:40 +0000
commit728f969be0017e491cef2bae54d7b226f4977252 (patch)
tree025b876439eb9bb3aae8c32854149ddacacb7aba /meta/classes/linuxloader.bbclass
parent7eaa8b0c3618a7bde9642c57d31e7d80d266f25e (diff)
downloadpoky-728f969be0017e491cef2bae54d7b226f4977252.tar.gz
cve-check: rewrite look to fix false negatives
A previous optimisation was premature and resulted in false-negatives in the report. Rewrite the checking algorithm to first get the list of potential CVEs by vendor:product, then iterate through every matching CPE for that CVE to determine if the bounds match or not. By doing this in two stages we can know if we've checked every CPE, instead of accidentally breaking out of the scan too early. (From OE-Core rev: d61aff9e22704ad69df1f7ab0f8784f4e7cc0c69) (From OE-Core rev: 0f42a1d4dbb74ab39e81449cf222302bcc04f7db) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/linuxloader.bbclass')
0 files changed, 0 insertions, 0 deletions