[OE-core] [PATCH 0/3] Add initial capability to check CVEs for recipes
Mariano Lopez
mariano.lopez at linux.intel.com
Thu Feb 25 17:22:23 UTC 2016
On 02/25/2016 10:27 AM, akuster wrote:
> So my questions in the bugs go unanswered. If you don't ever intend on
> responding just say so, I do appreciate honestly. I then know where I stand.
>
> - armin
Sorry, for not answered the bug earlier, to be honest I hadn't seen your
comment earlier.
I just replied to the bug.
Mariano
>
> On 02/24/2016 07:27 AM, mariano.lopez at linux.intel.com wrote:
>> From: Mariano Lopez <mariano.lopez at linux.intel.com>
>>
>> This series add the cve-check-tool recipe, a tool used to identify
>> potentially vulnerable software through version matching. It will
>> check if a vulnerability has been addressed by a patch.
>>
>> Also add the new cve-check class that will add a task for all recipes
>> to check for CVEs using cve-check-tool. This tool can be used by recipe,
>> image (will generate an image report in deploy dir), and with "world"
>> and "universe"
>>
>> To run it just inherit the class and enter:
>>
>> bitbake -c cve_check <recipe>
>>
>> The following changes since commit 23056103c949b498c23b47579e8dd57ce78e6ed9:
>>
>> uclibc: Do not use immediate expansion operator (2016-02-22 20:42:48 +0000)
>>
>> are available in the git repository at:
>>
>> git://git.yoctoproject.org/poky-contrib mariano/bug7515
>> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=mariano/bug7515
>>
>> Mariano Lopez (3):
>> cve-check-tool: Add recipe
>> cve-check-tool patch to allow select dir for the db
>> cve-check.bbclass: Add class
>>
>> meta/classes/cve-check.bbclass | 229 +++++++++++++++++++++
>> .../change_logic_cve_get_file_parent.patch | 45 ++++
>> .../cve-check-tool/cve-check-tool_5.6.bb | 61 ++++++
>> 3 files changed, 335 insertions(+)
>> create mode 100644 meta/classes/cve-check.bbclass
>> create mode 100644 meta/recipes-devtools/cve-check-tool/cve-check-tool/change_logic_cve_get_file_parent.patch
>> create mode 100644 meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.bb
>>
--
Mariano Lopez
More information about the Openembedded-core
mailing list