From 4873716c0cb436c82e877db2bba2d748b675c08b Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Fri, 9 Feb 2018 12:37:08 +0000 Subject: cve-check: allow recipes to override their version For reasons which I don't understand, the Berkeley DB tarball is version 5.3.28 but in CVE reports the version is 11.2.5.3.28. To handle this allow recipes to override their version as well as their name. (From OE-Core rev: 36fbf96cf284acbc810ff3bf00702f1f82bc0da9) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie --- meta/classes/cve-check.bbclass | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'meta/classes/cve-check.bbclass') diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 62dd6424d5..061e883fa7 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -23,6 +23,7 @@ # The product name that the CVE database uses. Defaults to BPN, but may need to # be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff). CVE_PRODUCT ??= "${BPN}" +CVE_VERSION ??= "${PV}" CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvd.db" @@ -168,7 +169,7 @@ def check_cves(d, patched_cves): cves_patched = [] cves_unpatched = [] bpn = d.getVar("CVE_PRODUCT") - pv = d.getVar("PV").split("+git")[0] + pv = d.getVar("CVE_VERSION").split("+git")[0] cves = " ".join(patched_cves) cve_db_dir = d.getVar("CVE_CHECK_DB_DIR") cve_whitelist = ast.literal_eval(d.getVar("CVE_CHECK_CVE_WHITELIST")) -- cgit v1.2.3-54-g00ecf