diff options
-rw-r--r-- | meta/classes/cve-check.bbclass | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index c00d2910be..f87bcc9dc6 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass | |||
@@ -208,12 +208,14 @@ def check_cves(d, patched_cves): | |||
208 | 208 | ||
209 | if cve in cve_whitelist: | 209 | if cve in cve_whitelist: |
210 | bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve)) | 210 | bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve)) |
211 | # TODO: this should be in the report as 'whitelisted' | ||
212 | patched_cves.add(cve) | ||
211 | elif cve in patched_cves: | 213 | elif cve in patched_cves: |
212 | bb.note("%s has been patched" % (cve)) | 214 | bb.note("%s has been patched" % (cve)) |
213 | else: | 215 | else: |
214 | to_append = False | 216 | to_append = False |
215 | if (operator_start == '=' and pv == version_start): | 217 | if (operator_start == '=' and pv == version_start): |
216 | cves_unpatched.append(cve) | 218 | to_append = True |
217 | else: | 219 | else: |
218 | if operator_start: | 220 | if operator_start: |
219 | try: | 221 | try: |
@@ -243,8 +245,11 @@ def check_cves(d, patched_cves): | |||
243 | to_append = to_append_start or to_append_end | 245 | to_append = to_append_start or to_append_end |
244 | 246 | ||
245 | if to_append: | 247 | if to_append: |
248 | bb.note("%s-%s is vulnerable to %s" % (product, pv, cve)) | ||
246 | cves_unpatched.append(cve) | 249 | cves_unpatched.append(cve) |
247 | bb.debug(2, "%s-%s is not patched for %s" % (product, pv, cve)) | 250 | else: |
251 | bb.note("%s-%s is not vulnerable to %s" % (product, pv, cve)) | ||
252 | patched_cves.add(cve) | ||
248 | conn.close() | 253 | conn.close() |
249 | 254 | ||
250 | return (list(patched_cves), cves_unpatched) | 255 | return (list(patched_cves), cves_unpatched) |