diff options
| -rw-r--r-- | meta/lib/oe/cve_check.py | 7 | ||||
| -rw-r--r-- | meta/lib/oeqa/selftest/cases/cve_check.py | 8 | ||||
| -rw-r--r-- | meta/recipes-extended/sudo/sudo.inc | 2 |
3 files changed, 16 insertions, 1 deletions
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py index ce755f940a..a1d7c292af 100644 --- a/meta/lib/oe/cve_check.py +++ b/meta/lib/oe/cve_check.py | |||
| @@ -11,8 +11,13 @@ _Version = collections.namedtuple( | |||
| 11 | class Version(): | 11 | class Version(): |
| 12 | 12 | ||
| 13 | def __init__(self, version, suffix=None): | 13 | def __init__(self, version, suffix=None): |
| 14 | |||
| 15 | suffixes = ["alphabetical", "patch"] | ||
| 16 | |||
| 14 | if str(suffix) == "alphabetical": | 17 | if str(suffix) == "alphabetical": |
| 15 | version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" | 18 | version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" |
| 19 | elif str(suffix) == "patch": | ||
| 20 | version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(p|patch)(?P<patch_l>[0-9]+))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" | ||
| 16 | else: | 21 | else: |
| 17 | version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" | 22 | version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?""" |
| 18 | regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE) | 23 | regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE) |
| @@ -23,7 +28,7 @@ class Version(): | |||
| 23 | 28 | ||
| 24 | self._version = _Version( | 29 | self._version = _Version( |
| 25 | release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")), | 30 | release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")), |
| 26 | patch_l=match.group("patch_l") if str(suffix) == "alphabetical" and match.group("patch_l") else "", | 31 | patch_l=match.group("patch_l") if str(suffix) in suffixes and match.group("patch_l") else "", |
| 27 | pre_l=match.group("pre_l"), | 32 | pre_l=match.group("pre_l"), |
| 28 | pre_v=match.group("pre_v") | 33 | pre_v=match.group("pre_v") |
| 29 | ) | 34 | ) |
diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py index 3f343a2841..d1947baffc 100644 --- a/meta/lib/oeqa/selftest/cases/cve_check.py +++ b/meta/lib/oeqa/selftest/cases/cve_check.py | |||
| @@ -34,3 +34,11 @@ class CVECheck(OESelftestTestCase): | |||
| 34 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' < '1.0r'") | 34 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' < '1.0r'") |
| 35 | result = Version("1.0b","alphabetical") > Version("1.0","alphabetical") | 35 | result = Version("1.0b","alphabetical") > Version("1.0","alphabetical") |
| 36 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' > '1.0'") | 36 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' > '1.0'") |
| 37 | |||
| 38 | # consider the trailing "p" and "patch" as patched released when comparing | ||
| 39 | result = Version("1.0","patch") < Version("1.0p1","patch") | ||
| 40 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0' < '1.0p1'") | ||
| 41 | result = Version("1.0p2","patch") > Version("1.0p1","patch") | ||
| 42 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'") | ||
| 43 | result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch") | ||
| 44 | self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'") | ||
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc index 97ecabe0fc..0bea35a0a3 100644 --- a/meta/recipes-extended/sudo/sudo.inc +++ b/meta/recipes-extended/sudo/sudo.inc | |||
| @@ -49,3 +49,5 @@ do_compile_prepend () { | |||
| 49 | do_install_prepend (){ | 49 | do_install_prepend (){ |
| 50 | mkdir -p ${D}/${localstatedir}/lib | 50 | mkdir -p ${D}/${localstatedir}/lib |
| 51 | } | 51 | } |
| 52 | |||
| 53 | CVE_VERSION_SUFFIX = "patch" | ||