Message ID | 20200218233527.128481-1-thomas.petazzoni@bootlin.com |
---|---|
State | Accepted |
Headers | show |
Series | support/scripts/pkg-stats: properly ignore CVEs in <pkg>_IGNORE_CVES | expand |
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes: > It seems like throughout the series that the CVE pkg-stats support > went through, the support for ignoring CVEs in the per-package > <pkg>_IGNORE_CVES variable was forgotten. > Let's re-introduce this, which is now very simple thanks to the CVE > class, its .identifier() propertly and the .is_cve_ignored() method of > the Package class > Cc: Titouan Christophe <titouan.christophe@railnova.eu> > Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Committed, thanks.
Hello Thomas, On 2/19/20 12:35 AM, Thomas Petazzoni wrote: > It seems like throughout the series that the CVE pkg-stats support > went through, the support for ignoring CVEs in the per-package > <pkg>_IGNORE_CVES variable was forgotten. Indeed, I'm very sorry for that. > > Let's re-introduce this, which is now very simple thanks to the CVE > class, its .identifier() propertly and the .is_cve_ignored() method of > the Package class Thank you ! > > Cc: Titouan Christophe <titouan.christophe@railnova.eu> > Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> > --- > support/scripts/pkg-stats | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats > index 920a2be158..c113cf9606 100755 > --- a/support/scripts/pkg-stats > +++ b/support/scripts/pkg-stats > @@ -259,6 +259,9 @@ class CVE: > True if the Buildroot Package object passed as argument is affected > by this CVE. > """ > + if br_pkg.is_cve_ignored(self.identifier): > + return False > + > for product in self.each_product(): > if product['product_name'] != br_pkg.name: > continue > Regards, Titouan
diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats index 920a2be158..c113cf9606 100755 --- a/support/scripts/pkg-stats +++ b/support/scripts/pkg-stats @@ -259,6 +259,9 @@ class CVE: True if the Buildroot Package object passed as argument is affected by this CVE. """ + if br_pkg.is_cve_ignored(self.identifier): + return False + for product in self.each_product(): if product['product_name'] != br_pkg.name: continue
It seems like throughout the series that the CVE pkg-stats support went through, the support for ignoring CVEs in the per-package <pkg>_IGNORE_CVES variable was forgotten. Let's re-introduce this, which is now very simple thanks to the CVE class, its .identifier() propertly and the .is_cve_ignored() method of the Package class Cc: Titouan Christophe <titouan.christophe@railnova.eu> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> --- support/scripts/pkg-stats | 3 +++ 1 file changed, 3 insertions(+)