[Buildroot] [PATCH] support/scripts/pkg-stats: properly ignore CVEs in <pkg>_IGNORE_CVES
Titouan Christophe
titouan.christophe at railnova.eu
Wed Feb 19 10:28:19 UTC 2020
Hello Thomas,
On 2/19/20 12:35 AM, Thomas Petazzoni wrote:
> It seems like throughout the series that the CVE pkg-stats support
> went through, the support for ignoring CVEs in the per-package
> <pkg>_IGNORE_CVES variable was forgotten.
Indeed, I'm very sorry for that.
>
> Let's re-introduce this, which is now very simple thanks to the CVE
> class, its .identifier() propertly and the .is_cve_ignored() method of
> the Package class
Thank you !
>
> Cc: Titouan Christophe <titouan.christophe at railnova.eu>
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
> ---
> support/scripts/pkg-stats | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats
> index 920a2be158..c113cf9606 100755
> --- a/support/scripts/pkg-stats
> +++ b/support/scripts/pkg-stats
> @@ -259,6 +259,9 @@ class CVE:
> True if the Buildroot Package object passed as argument is affected
> by this CVE.
> """
> + if br_pkg.is_cve_ignored(self.identifier):
> + return False
> +
> for product in self.each_product():
> if product['product_name'] != br_pkg.name:
> continue
>
Regards,
Titouan
More information about the buildroot
mailing list