[oe-commits] [openembedded-core] 32/56: cve-check: allow recipes to override their version

[git at git.openembedded.org]

This is an automated email from the git hooks/post-receive script.

rpurdie pushed a commit to branch master
in repository openembedded-core.

commit 36fbf96cf284acbc810ff3bf00702f1f82bc0da9
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Fri Feb 9 12:37:08 2018 +0000

    cve-check: allow recipes to override their version
    
    For reasons which I don't understand, the Berkeley DB tarball is version 5.3.28
    but in CVE reports the version is 11.2.5.3.28.
    
    To handle this allow recipes to override their version as well as their name.
    
    Signed-off-by: Ross Burton <ross.burton at intel.com>
---
 meta/classes/cve-check.bbclass | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 62dd642..061e883 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -23,6 +23,7 @@
 # The product name that the CVE database uses.  Defaults to BPN, but may need to
 # be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
 CVE_PRODUCT ??= "${BPN}"
+CVE_VERSION ??= "${PV}"
 
 CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK"
 CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvd.db"
@@ -168,7 +169,7 @@ def check_cves(d, patched_cves):
     cves_patched = []
     cves_unpatched = []
     bpn = d.getVar("CVE_PRODUCT")
-    pv = d.getVar("PV").split("+git")[0]
+    pv = d.getVar("CVE_VERSION").split("+git")[0]
     cves = " ".join(patched_cves)
     cve_db_dir = d.getVar("CVE_CHECK_DB_DIR")
     cve_whitelist = ast.literal_eval(d.getVar("CVE_CHECK_CVE_WHITELIST"))

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.