summaryrefslogtreecommitdiffstats
path: root/meta/lib
diff options
context:
space:
mode:
authorAndrej Valek <andrej.valek@siemens.com>2023-06-23 13:14:57 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2023-07-19 23:25:01 +0100
commit679b7b6700ec1355a5b15a51c90a7ee339bee97c (patch)
tree9cd098cd6fa467ba9923193f250525a34062d67c /meta/lib
parentbe9883a92bad0fe4c1e9c7302c93dea4ac680f8c (diff)
downloadpoky-679b7b6700ec1355a5b15a51c90a7ee339bee97c.tar.gz
oeqa/selftest/cve_check: rework test to new cve status handling
- After introducing the CVE_STATUS and CVE_CHECK_STATUSMAP flag variables, CVEs could contain a more information for assigned statuses. - Add an example conversion in logrotate recipe. (From OE-Core rev: da1f34b58fd106a40c296b68daf8a7e5db354c9a) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/lib')
-rw-r--r--meta/lib/oeqa/selftest/cases/cve_check.py26
1 files changed, 21 insertions, 5 deletions
diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py
index 9534c9775c..60cecd1328 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -207,18 +207,34 @@ CVE_CHECK_REPORT_PATCHED = "1"
207 self.assertEqual(len(report["package"]), 1) 207 self.assertEqual(len(report["package"]), 1)
208 package = report["package"][0] 208 package = report["package"][0]
209 self.assertEqual(package["name"], "logrotate") 209 self.assertEqual(package["name"], "logrotate")
210 found_cves = { issue["id"]: issue["status"] for issue in package["issue"]} 210 found_cves = {}
211 for issue in package["issue"]:
212 found_cves[issue["id"]] = {
213 "status" : issue["status"],
214 "detail" : issue["detail"] if "detail" in issue else "",
215 "description" : issue["description"] if "description" in issue else ""
216 }
211 # m4 CVE should not be in logrotate 217 # m4 CVE should not be in logrotate
212 self.assertNotIn("CVE-2008-1687", found_cves) 218 self.assertNotIn("CVE-2008-1687", found_cves)
213 # logrotate has both Patched and Ignored CVEs 219 # logrotate has both Patched and Ignored CVEs
214 self.assertIn("CVE-2011-1098", found_cves) 220 self.assertIn("CVE-2011-1098", found_cves)
215 self.assertEqual(found_cves["CVE-2011-1098"], "Patched") 221 self.assertEqual(found_cves["CVE-2011-1098"]["status"], "Patched")
222 self.assertEqual(len(found_cves["CVE-2011-1098"]["detail"]), 0)
223 self.assertEqual(len(found_cves["CVE-2011-1098"]["description"]), 0)
224 detail = "not-applicable-platform"
225 description = "CVE is debian, gentoo or SUSE specific on the way logrotate was installed/used"
216 self.assertIn("CVE-2011-1548", found_cves) 226 self.assertIn("CVE-2011-1548", found_cves)
217 self.assertEqual(found_cves["CVE-2011-1548"], "Ignored") 227 self.assertEqual(found_cves["CVE-2011-1548"]["status"], "Ignored")
228 self.assertEqual(found_cves["CVE-2011-1548"]["detail"], detail)
229 self.assertEqual(found_cves["CVE-2011-1548"]["description"], description)
218 self.assertIn("CVE-2011-1549", found_cves) 230 self.assertIn("CVE-2011-1549", found_cves)
219 self.assertEqual(found_cves["CVE-2011-1549"], "Ignored") 231 self.assertEqual(found_cves["CVE-2011-1549"]["status"], "Ignored")
232 self.assertEqual(found_cves["CVE-2011-1549"]["detail"], detail)
233 self.assertEqual(found_cves["CVE-2011-1549"]["description"], description)
220 self.assertIn("CVE-2011-1550", found_cves) 234 self.assertIn("CVE-2011-1550", found_cves)
221 self.assertEqual(found_cves["CVE-2011-1550"], "Ignored") 235 self.assertEqual(found_cves["CVE-2011-1550"]["status"], "Ignored")
236 self.assertEqual(found_cves["CVE-2011-1550"]["detail"], detail)
237 self.assertEqual(found_cves["CVE-2011-1550"]["description"], description)
222 238
223 self.assertExists(summary_json) 239 self.assertExists(summary_json)
224 check_m4_json(summary_json) 240 check_m4_json(summary_json)
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-13 12:24:17 +0000