diff options
Diffstat (limited to 'meta')
-rw-r--r-- | meta/lib/oeqa/selftest/cases/cve_check.py | 26 | ||||
-rw-r--r-- | meta/recipes-extended/logrotate/logrotate_3.21.0.bb | 5 |
2 files changed, 24 insertions, 7 deletions
diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py index 9534c9775c..60cecd1328 100644 --- a/meta/lib/oeqa/selftest/cases/cve_check.py +++ b/meta/lib/oeqa/selftest/cases/cve_check.py | |||
@@ -207,18 +207,34 @@ CVE_CHECK_REPORT_PATCHED = "1" | |||
207 | self.assertEqual(len(report["package"]), 1) | 207 | self.assertEqual(len(report["package"]), 1) |
208 | package = report["package"][0] | 208 | package = report["package"][0] |
209 | self.assertEqual(package["name"], "logrotate") | 209 | self.assertEqual(package["name"], "logrotate") |
210 | found_cves = { issue["id"]: issue["status"] for issue in package["issue"]} | 210 | found_cves = {} |
211 | for issue in package["issue"]: | ||
212 | found_cves[issue["id"]] = { | ||
213 | "status" : issue["status"], | ||
214 | "detail" : issue["detail"] if "detail" in issue else "", | ||
215 | "description" : issue["description"] if "description" in issue else "" | ||
216 | } | ||
211 | # m4 CVE should not be in logrotate | 217 | # m4 CVE should not be in logrotate |
212 | self.assertNotIn("CVE-2008-1687", found_cves) | 218 | self.assertNotIn("CVE-2008-1687", found_cves) |
213 | # logrotate has both Patched and Ignored CVEs | 219 | # logrotate has both Patched and Ignored CVEs |
214 | self.assertIn("CVE-2011-1098", found_cves) | 220 | self.assertIn("CVE-2011-1098", found_cves) |
215 | self.assertEqual(found_cves["CVE-2011-1098"], "Patched") | 221 | self.assertEqual(found_cves["CVE-2011-1098"]["status"], "Patched") |
222 | self.assertEqual(len(found_cves["CVE-2011-1098"]["detail"]), 0) | ||
223 | self.assertEqual(len(found_cves["CVE-2011-1098"]["description"]), 0) | ||
224 | detail = "not-applicable-platform" | ||
225 | description = "CVE is debian, gentoo or SUSE specific on the way logrotate was installed/used" | ||
216 | self.assertIn("CVE-2011-1548", found_cves) | 226 | self.assertIn("CVE-2011-1548", found_cves) |
217 | self.assertEqual(found_cves["CVE-2011-1548"], "Ignored") | 227 | self.assertEqual(found_cves["CVE-2011-1548"]["status"], "Ignored") |
228 | self.assertEqual(found_cves["CVE-2011-1548"]["detail"], detail) | ||
229 | self.assertEqual(found_cves["CVE-2011-1548"]["description"], description) | ||
218 | self.assertIn("CVE-2011-1549", found_cves) | 230 | self.assertIn("CVE-2011-1549", found_cves) |
219 | self.assertEqual(found_cves["CVE-2011-1549"], "Ignored") | 231 | self.assertEqual(found_cves["CVE-2011-1549"]["status"], "Ignored") |
232 | self.assertEqual(found_cves["CVE-2011-1549"]["detail"], detail) | ||
233 | self.assertEqual(found_cves["CVE-2011-1549"]["description"], description) | ||
220 | self.assertIn("CVE-2011-1550", found_cves) | 234 | self.assertIn("CVE-2011-1550", found_cves) |
221 | self.assertEqual(found_cves["CVE-2011-1550"], "Ignored") | 235 | self.assertEqual(found_cves["CVE-2011-1550"]["status"], "Ignored") |
236 | self.assertEqual(found_cves["CVE-2011-1550"]["detail"], detail) | ||
237 | self.assertEqual(found_cves["CVE-2011-1550"]["description"], description) | ||
222 | 238 | ||
223 | self.assertExists(summary_json) | 239 | self.assertExists(summary_json) |
224 | check_m4_json(summary_json) | 240 | check_m4_json(summary_json) |
diff --git a/meta/recipes-extended/logrotate/logrotate_3.21.0.bb b/meta/recipes-extended/logrotate/logrotate_3.21.0.bb index f0755e3ae5..10a6149abc 100644 --- a/meta/recipes-extended/logrotate/logrotate_3.21.0.bb +++ b/meta/recipes-extended/logrotate/logrotate_3.21.0.bb | |||
@@ -16,8 +16,9 @@ SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.xz \ | |||
16 | 16 | ||
17 | SRC_URI[sha256sum] = "8fa12015e3b8415c121fc9c0ca53aa872f7b0702f543afda7e32b6c4900f6516" | 17 | SRC_URI[sha256sum] = "8fa12015e3b8415c121fc9c0ca53aa872f7b0702f543afda7e32b6c4900f6516" |
18 | 18 | ||
19 | # These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used | 19 | CVE_STATUS_GROUPS = "CVE_STATUS_RECIPE" |
20 | CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" | 20 | CVE_STATUS_RECIPE = "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" |
21 | CVE_STATUS_RECIPE[status] = "not-applicable-platform: CVE is debian, gentoo or SUSE specific on the way logrotate was installed/used" | ||
21 | 22 | ||
22 | PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" | 23 | PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" |
23 | 24 | ||