diff options
| author |   Michael Opdenacker <michael.opdenacker@bootlin.com> | 2021-08-05 18:50:46 +0200 |
|---|---|---|
| committer |   Anuj Mittal <anuj.mittal@intel.com> | 2021-08-09 10:19:38 +0800 |
| commit | fea9f2edf515cca07e867213294d0e6dafbfbd74 (patch) | |
| tree | c130cedb1508e152e0d6bd2848e89838e04dc012 /meta | |
| parent | 7dfaadfbdc5f5e6dd96fadb092314ab9d05674fd (diff) | |
| download | openembedded-core-contrib-fea9f2edf515cca07e867213294d0e6dafbfbd74.tar.gz | |
cve-check: improve comment about CVE patch file names
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8aa613480663e11ecc62278d8c57ca719eb23899)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta')
| -rw-r--r-- | meta/classes/cve-check.bbclass | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 246393338c..4fa1a64f85 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -166,9 +166,12 @@ def get_patches_cves(d): pn = d.getVar("PN") cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+") - # Matches last CVE-1234-211432 in the file name, also if written - # with small letters. Not supporting multiple CVE id's in a single - # file name. + # Matches the last "CVE-YYYY-ID" in the file name, also if written + # in lowercase. Possible to have multiple CVE IDs in a single + # file name, but only the last one will be detected from the file name. + # However, patch files contents addressing multiple CVE IDs are supported + # (cve_match regular expression) + cve_file_name_match = re.compile(".*([Cc][Vv][Ee]\-\d{4}\-\d+)") patched_cves = set() |