summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/cve-check-tool
Commit message (Collapse)AuthorAgeFilesLines
* cve-check-tool: backport a patch to make CVE checking workChen Qi2017-06-052-0/+53
| | | | | | | | | | | | | | | | | CVE checking in OE didn't work as do_populate_cve_db failed with the following error message. [snip]/downloads/CVE_CHECK/nvdcve-2.0-2002.xml is not consistent Backport a patch to fix this error. (From OE-Core rev: ee55b5685aaa4be92d6d51f8641a559d4e34ce64) (From OE-Core rev: e0f0a7283c597e783b69aac2c8e8a7663b70262d) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check-tool: Use CA cert bundle in correct sysrootJussi Kukkonen2017-02-152-1/+218
| | | | | | | | | | | | | | Native libcurl looks for CA certs in the wrong place by default. * Add patch that allows overriding the default CA certificate location. Patch is originally from meta-security-isafw. * Use the new --cacert to set the correct CA bundle path (From OE-Core rev: 73bd11d5190a072064128cc13b4537154d07b129) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check-tool: Fixes for recipe sysrootsJussi Kukkonen2017-02-151-1/+2
| | | | | | | | | | | | | | * Use --enable-relative-plugins so cve-check-tool looks for loadable modules relative to binary location instead of hard-coding a wrong sysroot location * do_populate_cve_db() assumes that the binary cve-check-update is in the sysroot. Ensure that this is true by adding a task dependency (From OE-Core rev: 2da6b01893d0afe8750bd0b12a8d55aafa82f58c) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check-tool: fix upstream version checkAlexander Kanavin2016-10-281-0/+2
| | | | | | | | (From OE-Core rev: 4f96180ef525ad2b2cad935bd7253a5a0a079ff4) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check-tool: report progress when downloading CVE databaseAndré Draszik2016-09-302-0/+137
| | | | | | | | | | | We add a patch to report the progress, and at the same time inform bitbake that progress can be extracted via the simple 'percent' progress handler. (From OE-Core rev: 145a29ca99d9fec5eff97d77c8cff6356fe88ba5) Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check-tool: convert do_populate_cve_db() from python to shAndré Draszik2016-09-301-26/+19
| | | | | | | | | | This will allow us to easily incorporate progress support via bb.process.run() (From OE-Core rev: 1bf0137ac84e5d324fd84dadfa962fbc166b5d4b) Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check-tool: Add recipeMariano Lopez2016-09-162-0/+110
cve-check-tool is a program for public CVEs checking. This tool also seek to determine if a vulnerability has been addressed by a patch. The recipe also includes the do_populate_cve_db task that will populate the database used by the tool. [YOCTO #7515] (From OE-Core rev: 5deadfe634638b99420342950bc544547f7121dc) Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-15 18:28:30 +0000