diff options
Diffstat (limited to 'meta/classes/cve-check.bbclass')
-rw-r--r-- | meta/classes/cve-check.bbclass | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 93af667544..dbff852e18 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass | |||
@@ -50,6 +50,9 @@ CVE_CHECK_PN_WHITELIST ?= "" | |||
50 | # | 50 | # |
51 | CVE_CHECK_WHITELIST ?= "" | 51 | CVE_CHECK_WHITELIST ?= "" |
52 | 52 | ||
53 | # set to "alphabetical" for version using single alphabetical character as increament release | ||
54 | CVE_VERSION_SUFFIX ??= "" | ||
55 | |||
53 | python cve_save_summary_handler () { | 56 | python cve_save_summary_handler () { |
54 | import shutil | 57 | import shutil |
55 | import datetime | 58 | import datetime |
@@ -207,6 +210,7 @@ def check_cves(d, patched_cves): | |||
207 | 210 | ||
208 | pn = d.getVar("PN") | 211 | pn = d.getVar("PN") |
209 | real_pv = d.getVar("PV") | 212 | real_pv = d.getVar("PV") |
213 | suffix = d.getVar("CVE_VERSION_SUFFIX") | ||
210 | 214 | ||
211 | cves_unpatched = [] | 215 | cves_unpatched = [] |
212 | # CVE_PRODUCT can contain more than one product (eg. curl/libcurl) | 216 | # CVE_PRODUCT can contain more than one product (eg. curl/libcurl) |
@@ -260,8 +264,8 @@ def check_cves(d, patched_cves): | |||
260 | else: | 264 | else: |
261 | if operator_start: | 265 | if operator_start: |
262 | try: | 266 | try: |
263 | vulnerable_start = (operator_start == '>=' and Version(pv) >= Version(version_start)) | 267 | vulnerable_start = (operator_start == '>=' and Version(pv,suffix) >= Version(version_start,suffix)) |
264 | vulnerable_start |= (operator_start == '>' and Version(pv) > Version(version_start)) | 268 | vulnerable_start |= (operator_start == '>' and Version(pv,suffix) > Version(version_start,suffix)) |
265 | except: | 269 | except: |
266 | bb.warn("%s: Failed to compare %s %s %s for %s" % | 270 | bb.warn("%s: Failed to compare %s %s %s for %s" % |
267 | (product, pv, operator_start, version_start, cve)) | 271 | (product, pv, operator_start, version_start, cve)) |
@@ -271,8 +275,8 @@ def check_cves(d, patched_cves): | |||
271 | 275 | ||
272 | if operator_end: | 276 | if operator_end: |
273 | try: | 277 | try: |
274 | vulnerable_end = (operator_end == '<=' and Version(pv) <= Version(version_end) ) | 278 | vulnerable_end = (operator_end == '<=' and Version(pv,suffix) <= Version(version_end,suffix) ) |
275 | vulnerable_end |= (operator_end == '<' and Version(pv) < Version(version_end) ) | 279 | vulnerable_end |= (operator_end == '<' and Version(pv,suffix) < Version(version_end,suffix) ) |
276 | except: | 280 | except: |
277 | bb.warn("%s: Failed to compare %s %s %s for %s" % | 281 | bb.warn("%s: Failed to compare %s %s %s for %s" % |
278 | (product, pv, operator_end, version_end, cve)) | 282 | (product, pv, operator_end, version_end, cve)) |