diff options
Diffstat (limited to 'meta/classes/cve-check.bbclass')
-rw-r--r-- | meta/classes/cve-check.bbclass | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 21d3da7974..2d69aeba4b 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass | |||
@@ -44,14 +44,14 @@ CVE_CHECK_CREATE_MANIFEST ??= "1" | |||
44 | CVE_CHECK_REPORT_PATCHED ??= "1" | 44 | CVE_CHECK_REPORT_PATCHED ??= "1" |
45 | 45 | ||
46 | # Whitelist for packages (PN) | 46 | # Whitelist for packages (PN) |
47 | CVE_CHECK_PN_WHITELIST ?= "" | 47 | CVE_CHECK_SKIP_RECIPE ?= "" |
48 | 48 | ||
49 | # Whitelist for CVE. If a CVE is found, then it is considered patched. | 49 | # Whitelist for CVE. If a CVE is found, then it is considered patched. |
50 | # The value is a string containing space separated CVE values: | 50 | # The value is a string containing space separated CVE values: |
51 | # | 51 | # |
52 | # CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234' | 52 | # CVE_CHECK_IGNORE = 'CVE-2014-2524 CVE-2018-1234' |
53 | # | 53 | # |
54 | CVE_CHECK_WHITELIST ?= "" | 54 | CVE_CHECK_IGNORE ?= "" |
55 | 55 | ||
56 | # Layers to be excluded | 56 | # Layers to be excluded |
57 | CVE_CHECK_LAYER_EXCLUDELIST ??= "" | 57 | CVE_CHECK_LAYER_EXCLUDELIST ??= "" |
@@ -178,11 +178,11 @@ def check_cves(d, patched_cves): | |||
178 | pv = d.getVar("CVE_VERSION").split("+git")[0] | 178 | pv = d.getVar("CVE_VERSION").split("+git")[0] |
179 | 179 | ||
180 | # If the recipe has been whitelisted we return empty lists | 180 | # If the recipe has been whitelisted we return empty lists |
181 | if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split(): | 181 | if pn in d.getVar("CVE_CHECK_SKIP_RECIPE").split(): |
182 | bb.note("Recipe has been whitelisted, skipping check") | 182 | bb.note("Recipe has been whitelisted, skipping check") |
183 | return ([], [], []) | 183 | return ([], [], []) |
184 | 184 | ||
185 | cve_whitelist = d.getVar("CVE_CHECK_WHITELIST").split() | 185 | cve_whitelist = d.getVar("CVE_CHECK_IGNORE").split() |
186 | 186 | ||
187 | import sqlite3 | 187 | import sqlite3 |
188 | db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") | 188 | db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") |