From patchwork Thu Apr 22 19:45:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matt Weber X-Patchwork-Id: 1469374 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=smtp4.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=rockwellcollins.com header.i=@rockwellcollins.com header.a=rsa-sha256 header.s=hrcrc2020 header.b=tPZwKxnM; dkim-atps=neutral Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FR7G21Fdqz9sPf for ; Fri, 23 Apr 2021 05:46:17 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id AD97840530; Thu, 22 Apr 2021 19:46:15 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id miZNSr0EPgD0; Thu, 22 Apr 2021 19:46:14 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp4.osuosl.org (Postfix) with ESMTP id C9D9440F2E; Thu, 22 Apr 2021 19:46:13 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 47C7E1BF2AA for ; Thu, 22 Apr 2021 19:46:01 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 355946064A for ; Thu, 22 Apr 2021 19:46:00 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=rockwellcollins.com Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qtMszHVi9l06 for ; Thu, 22 Apr 2021 19:45:59 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from ch3vs04.rockwellcollins.com (ch3vs04.rockwellcollins.com [205.175.226.52]) by smtp3.osuosl.org (Postfix) with ESMTPS id 4F97C60693 for ; Thu, 22 Apr 2021 19:45:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rockwellcollins.com; s=hrcrc2020; h=from:to:cc:subject:date:message-id; bh=PAhXJrzS1JeC6Amgr0lUKMORZciFHRzysxMkpjhTlis=; b=tPZwKxnMIJfdpx8ywTf9U40S4OEB+F8YyKmw/JF6yLi5FjRAAqXVnegd 0w9B4gGulgUGLdIgG25J5zQZRL3nG0Rhior2FHQZK78MWSvu7bZS9Y7Gp qseMfSB4puOTdXzHEaxzjnMum3X5sdq7vt3Aebk6xt52OlCAmjidTK/Mt fIlVNpU6dhlr1De3kl2j5S5oXLdGKx0wJupykhC8VgmmxofH/e2uCje4f XfsX6cb3NuxdcMbhNCQ8YmzQCiTRvVWJyL++PhHznhHML+vLjRQWtZKWk O/jXeETj7JrM9wbEyYtM8mBqIlPF3PA52z928nQIbtIhOfHn1EJdeIFYD w==; IronPort-SDR: 8rg/K7im9fWGp1/HR/Vd20aOWhGymd9ve7pb6FXkaS219+fmanpRFjEQ866HVTmjiiXGUTs3Lw WqdyD5CWCVxy+NyCOAJ68roUe+7DyFEXgJ3gILuSpKzfSmzwgUSiWQQ/a16gk7thxPMNXxRPKV ySulUI37uj2sU5+gO0oqxa8yzNyoHgV9faN/09zEwKNuY4NaibaOSAYBLMRyFeT0cBDt6fjMV1 roS9jPnHeLdcPjNl1r2Vga0QhAaYNIgRyVAFBvJufgpNZcmlT1hdnMZ/xg1AFvsXz7T9+Q95vM EzY= Received: from ofwch3n02.rockwellcollins.com (HELO crulimr01.rockwellcollins.com) ([205.175.226.14]) by ch3vs04.rockwellcollins.com with ESMTP; 22 Apr 2021 14:45:58 -0500 X-Received: from biscuits.rockwellcollins.com (biscuits.rockwellcollins.lab [10.148.119.137]) by crulimr01.rockwellcollins.com (Postfix) with ESMTP id 04F58602FD; Thu, 22 Apr 2021 14:45:57 -0500 (CDT) From: Matt Weber To: buildroot@buildroot.org Date: Thu, 22 Apr 2021 14:45:56 -0500 Message-Id: <20210422194557.17499-1-matthew.weber@rockwellcollins.com> X-Mailer: git-send-email 2.17.1 Subject: [Buildroot] [PATCH v3 1/2] support/scripts/pkg-stats: add CPE searching links X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Matt Weber MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" For cases of a CPE having a unknown version or when there hasn't been a CPE verified, proposed a search criteria to help the user research an update. (libcurl has NIST dict entries but not this version) cpe:2.3:a:haxx:libcurl:7.76.1:*:*:*:*:*:*:* CPE identifier unknown in CPE database (Search) (jitterentropy-library package doesn't have any NIST dict entries) no verified CPE identifier (Search) Signed-off-by: Matthew Weber --- v3 - Fixed pkg.cpeid.split() to include PRODUCT field v2 - New --- support/scripts/pkg-stats | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats index 6f3ddc561f..5b7fd1e0aa 100755 --- a/support/scripts/pkg-stats +++ b/support/scripts/pkg-stats @@ -921,7 +921,13 @@ def dump_html_pkg(f, pkg): if pkg.cpeid: f.write(" %s\n" % pkg.cpeid) if not pkg.is_status_ok("cpe"): - f.write(" %s%s\n" % ("
" if pkg.cpeid else "", pkg.status['cpe'][1])) + if pkg.cpeid: + f.write("
%s (Search)\n" % \ + (pkg.status['cpe'][1], ":".join(pkg.cpeid.split(":")[0:5]))) + else: + f.write(" %s (Search)\n" % \ + (pkg.status['cpe'][1], pkg.name)) + f.write(" \n") f.write(" \n") From patchwork Thu Apr 22 19:45:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matt Weber X-Patchwork-Id: 1469373 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=rockwellcollins.com header.i=@rockwellcollins.com header.a=rsa-sha256 header.s=hrcrc2020 header.b=Fhu0Bvm9; dkim-atps=neutral Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FR7Fm6qwqz9sPf for ; Fri, 23 Apr 2021 05:46:04 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id BF0A0403E2; Thu, 22 Apr 2021 19:46:02 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SduTkVdC-8Kf; Thu, 22 Apr 2021 19:46:02 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp2.osuosl.org (Postfix) with ESMTP id 2A118403DE; Thu, 22 Apr 2021 19:46:01 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 0727D1BF2AA for ; Thu, 22 Apr 2021 19:46:00 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 0373560D4E for ; Thu, 22 Apr 2021 19:46:00 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=rockwellcollins.com Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7OWWSP9C8MTs for ; Thu, 22 Apr 2021 19:45:59 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from ch3vs04.rockwellcollins.com (ch3vs04.rockwellcollins.com [205.175.226.52]) by smtp3.osuosl.org (Postfix) with ESMTPS id DB7956064A for ; Thu, 22 Apr 2021 19:45:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rockwellcollins.com; s=hrcrc2020; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=VB6WImljeblZftdmOt9NZEiJ8K+Zxq4JuWoyn/6OH6g=; b=Fhu0Bvm9ipN7oHmI3twYmZ71frJ2oFzsr1y0iJTopg3ocxKaR5+/x7pd 9E+IzYJT+0w+hdsdPrtG0KmUbK/9kPHBRGWszVQRrSmzVORd7PxkL8kyJ tmQlf1b9STiqlFGfdT6ppdvJEfXtQMYs8/M9H5VlGFB/wg6WZsSmDC9Te 0pgrBp/t0/0DCCISLtHDJ+dR+dZVCm2OC/rJtgwofJCAc6YlQ42I/Esc1 LyH1/hCPa7kt2ULzlQExertUpFqtEqSIgGLE0MdkkNyqfq9h46fBlQ3d4 ygvJ0fp4gK8IO1LT2EuSWVdlykvtUy8/hYsmfdwDsFJVclh+Jrex+0jXD w==; IronPort-SDR: YRxd7QBt+NVEpwlDX1j0mjl9VAx8DAo44YdatA6bH3FP2pkiHqrbtLqYTcSLbDyNrhnSkBtKlX INY3dJ/8T+MGKmUyfCeRxjurJBkBFEf2+oqrg5p5h9aUXS3iUwHet4GGYv2t/lHhJQs15YII7+ itVh7XA9R9LfAyrcxZmMN0GS3zIIkbY/z0hjU8MaNq69tgzTiNjcS28YA4PEwg1vrnUlMUUmWA Z3gKK6DkA908hTo8vlYQImv1ngZ9KaoCEe96+YKqQFlyPb2A+IrKltn8PoeT8+8OX8UZyGECFp omI= Received: from ofwch3n02.rockwellcollins.com (HELO crulimr01.rockwellcollins.com) ([205.175.226.14]) by ch3vs04.rockwellcollins.com with ESMTP; 22 Apr 2021 14:45:58 -0500 X-Received: from biscuits.rockwellcollins.com (biscuits.rockwellcollins.lab [10.148.119.137]) by crulimr01.rockwellcollins.com (Postfix) with ESMTP id 077E3603F0; Thu, 22 Apr 2021 14:45:57 -0500 (CDT) From: Matt Weber To: buildroot@buildroot.org Date: Thu, 22 Apr 2021 14:45:57 -0500 Message-Id: <20210422194557.17499-2-matthew.weber@rockwellcollins.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210422194557.17499-1-matthew.weber@rockwellcollins.com> References: <20210422194557.17499-1-matthew.weber@rockwellcollins.com> Subject: [Buildroot] [PATCH v3 2/2] support/scripts/pkg-stats: add column reporting ignored CVEs X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Matt Weber MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" When doing analysis it is helpful to be able to view what CVE have been patched / diagnosed to not apply to Buildroot. This exposes that list to the reporting and prevents a step where you have to dig into the .mk's of a pkg to check for sure what has been ignored. Signed-off-by: Matthew Weber --- v3 - New --- support/scripts/pkg-stats | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats index 5b7fd1e0aa..0f90c16116 100755 --- a/support/scripts/pkg-stats +++ b/support/scripts/pkg-stats @@ -735,6 +735,10 @@ td.cve-unknown { background: #ffd870; } +td.cve_ignored { + background: #ccc; +} + Statistics of Buildroot packages @@ -909,6 +913,14 @@ def dump_html_pkg(f, pkg): f.write(" N/A\n") f.write(" \n") + # CVEs Ignored + td_class = ["centered"] + td_class.append("cve_ignored") + f.write(" \n" % " ".join(td_class)) + for ignored_cve in pkg.ignored_cves: + f.write(" %s
\n" % (ignored_cve, ignored_cve)) + f.write(" \n") + # CPE ID td_class = ["left"] if pkg.is_status_ok("cpe"): @@ -948,6 +960,7 @@ def dump_html_all_pkgs(f, packages): Warnings Upstream URL CVEs +CVEs Ignored CPE ID """)