[oe] Using oeaudit.py to check for known security issues
Holger Hans Peter Freyther
holger+oe at freyther.de
Tue Mar 23 09:33:40 UTC 2010
Hi,
here is a rather simple howto:
$ bitbake -s > available
$ export PYTHONPATH=/bitbake/lib
$ /OE/contrib/oeaudit/oeaudit.py -f
This will call wget, tar to get the audifile and place it in the local dir
$ /OE/contrib/oeaudit/oeaudit.py -a auditfile -p available
Now you get a nice list of issues...
TODO items:
- Sometimes the latest upstream version has the bug and we need to
apply a patch. Right now this will still be displayed as
vulnerable.. I will add another file where one can claim to have fixed
certain issues..
- Rewrite in GNU smalltalk
More information about the Openembedded-devel
mailing list