summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta/classes/cve-check.bbclass9
1 files changed, 7 insertions, 2 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index c00d2910be..f87bcc9dc6 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -208,12 +208,14 @@ def check_cves(d, patched_cves):
208 208
209 if cve in cve_whitelist: 209 if cve in cve_whitelist:
210 bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve)) 210 bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve))
211 # TODO: this should be in the report as 'whitelisted'
212 patched_cves.add(cve)
211 elif cve in patched_cves: 213 elif cve in patched_cves:
212 bb.note("%s has been patched" % (cve)) 214 bb.note("%s has been patched" % (cve))
213 else: 215 else:
214 to_append = False 216 to_append = False
215 if (operator_start == '=' and pv == version_start): 217 if (operator_start == '=' and pv == version_start):
216 cves_unpatched.append(cve) 218 to_append = True
217 else: 219 else:
218 if operator_start: 220 if operator_start:
219 try: 221 try:
@@ -243,8 +245,11 @@ def check_cves(d, patched_cves):
243 to_append = to_append_start or to_append_end 245 to_append = to_append_start or to_append_end
244 246
245 if to_append: 247 if to_append:
248 bb.note("%s-%s is vulnerable to %s" % (product, pv, cve))
246 cves_unpatched.append(cve) 249 cves_unpatched.append(cve)
247 bb.debug(2, "%s-%s is not patched for %s" % (product, pv, cve)) 250 else:
251 bb.note("%s-%s is not vulnerable to %s" % (product, pv, cve))
252 patched_cves.add(cve)
248 conn.close() 253 conn.close()
249 254
250 return (list(patched_cves), cves_unpatched) 255 return (list(patched_cves), cves_unpatched)