Re: [OE-core] [kirkstone][PATCH] cve-exclusion: Drop the version comparision/warning

Yoann Congal via lists.openembedded.org Fri, 13 Sep 2024 06:19:16 -0700

Le ven. 13 sept. 2024 à 15:14, Steve Sakoman <st...@sakoman.com> a écrit :
>
> On Thu, Sep 12, 2024 at 11:35 PM Yoann Congal via
> lists.openembedded.org <yoann.congal=smile...@lists.openembedded.org>
> wrote:
> >
> > Le ven. 13 sept. 2024 à 00:59, Yoann Congal <yoann.con...@smile.fr> a écrit 
> > :
> > >
> > > From: Richard Purdie <richard.pur...@linuxfoundation.org>
> > >
> > > Since the CVE repository is no longer being updated, drop the warning
> > > comparision since it is no longer valid.
> > >
> > > Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
> > > (cherry picked from commit 9a232a9c3023dfec7e2d2c7e384d64006d1cf1af)
> > > Signed-off-by: Yoann Congal <yoann.con...@smile.fr>
> > > Backport: Applied the idea of the original patch to the corresponding
> > > files.
> > > ---
> >
> > Maybe I should have added that this is to avoid the warning on every
> > kirkstone metrics AB run :
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/138/builds/2234
>
> Is this version to be preferred to the one that is currently out for review?
>
> https://lists.openembedded.org/g/openembedded-core/message/204408


Ahh I missed it.
Both have the same content, no reason to prefer mine over Alexandre
Belloni's so you can ignore mine.

Thanks!


> Thanks!
>
> Steve
>
> >
> > >
> > >  meta/recipes-kernel/linux/cve-exclusion_5.10.inc | 14 +++++++-------
> > >  meta/recipes-kernel/linux/cve-exclusion_5.15.inc | 14 +++++++-------
> > >  2 files changed, 14 insertions(+), 14 deletions(-)
> > >
> > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc 
> > > b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc
> > > index 4d959c90b1..4ce0664c0d 100644
> > > --- a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc
> > > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc
> > > @@ -2,13 +2,13 @@
> > >  # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
> > >  # Generated at 2024-02-21 03:55:27.305577 for version 5.10.209
> > >
> > > -python check_kernel_cve_status_version() {
> > > -    this_version = "5.10.209"
> > > -    kernel_version = d.getVar("LINUX_VERSION")
> > > -    if kernel_version != this_version:
> > > -        bb.warn("Kernel CVE status needs updating: generated for %s but 
> > > kernel is %s" % (this_version, kernel_version))
> > > -}
> > > -do_cve_check[prefuncs] += "check_kernel_cve_status_version"
> > > +#python check_kernel_cve_status_version() {
> > > +#    this_version = "5.10.209"
> > > +#    kernel_version = d.getVar("LINUX_VERSION")
> > > +#    if kernel_version != this_version:
> > > +#        bb.warn("Kernel CVE status needs updating: generated for %s but 
> > > kernel is %s" % (this_version, kernel_version))
> > > +#}
> > > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version"
> > >
> > >  # fixed-version: Fixed after version 2.6.12rc2
> > >  CVE_CHECK_IGNORE += "CVE-2003-1604"
> > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc 
> > > b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
> > > index f5ccf2bc22..1f5c783db4 100644
> > > --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
> > > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
> > > @@ -2,13 +2,13 @@
> > >  # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
> > >  # Generated at 2024-05-02 12:18:54.390781 for version 5.15.157
> > >
> > > -python check_kernel_cve_status_version() {
> > > -    this_version = "5.15.157"
> > > -    kernel_version = d.getVar("LINUX_VERSION")
> > > -    if kernel_version != this_version:
> > > -        bb.warn("Kernel CVE status needs updating: generated for %s but 
> > > kernel is %s" % (this_version, kernel_version))
> > > -}
> > > -do_cve_check[prefuncs] += "check_kernel_cve_status_version"
> > > +#python check_kernel_cve_status_version() {
> > > +#    this_version = "5.15.157"
> > > +#    kernel_version = d.getVar("LINUX_VERSION")
> > > +#    if kernel_version != this_version:
> > > +#        bb.warn("Kernel CVE status needs updating: generated for %s but 
> > > kernel is %s" % (this_version, kernel_version))
> > > +#}
> > > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version"
> > >
> > >  # fixed-version: Fixed after version 2.6.12rc2
> > >  CVE_CHECK_IGNORE += "CVE-2003-1604"
> >
> >
> >
> > --
> > Yoann Congal
> > Smile ECS - Tech expert
> >
> > 
> >



-- 
Yoann Congal
Smile ECS - Tech expert

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#204484): 
https://lists.openembedded.org/g/openembedded-core/message/204484
Mute This Topic: https://lists.openembedded.org/mt/108422982/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH] cve-exclusion: Drop the version comparision/warning

Reply via email to