yoctoproject/poky-contrib
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky-contrib synced 2025-05-08 23:52:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

cve-check: fix debug message

Browse Source 
Debug level was not added as a parameter, causing a warning.

(From OE-Core rev: 40157fcbd9066f261812ba665ec963b2e496aa53)

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Daniel Turull 2025-04-30 16:06:58 +02:00 committed by Richard Purdie
parent fddd752ea5
commit 836f704cf6
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
meta/classes/cve-check.bbclass
View File

@ -277,7 +277,7 @@ def cve_update(d, cve_data, cve, entry):
cve_data[cve] = entry
return
# If we are updating, there might be change in the status
bb.debug("Trying CVE entry update for %s from %s to %s" % (cve, cve_data[cve]['abbrev-status'], entry['abbrev-status']))
bb.debug(1, "Trying CVE entry update for %s from %s to %s" % (cve, cve_data[cve]['abbrev-status'], entry['abbrev-status']))
if cve_data[cve]['abbrev-status'] == "Unknown":
cve_data[cve] = entry
return
@ -288,16 +288,16 @@ def cve_update(d, cve_data, cve, entry):
if entry['status'] == "version-in-range" and cve_data[cve]['status'] == "version-not-in-range":
# New result from the scan, vulnerable
cve_data[cve] = entry
bb.debug("CVE entry %s update from Patched to Unpatched from the scan result" % cve)
bb.debug(1, "CVE entry %s update from Patched to Unpatched from the scan result" % cve)
return
if entry['abbrev-status'] == "Patched" and cve_data[cve]['abbrev-status'] == "Unpatched":
if entry['status'] == "version-not-in-range" and cve_data[cve]['status'] == "version-in-range":
# Range does not match the scan, but we already have a vulnerable match, ignore
bb.debug("CVE entry %s update from Patched to Unpatched from the scan result - not applying" % cve)
bb.debug(1, "CVE entry %s update from Patched to Unpatched from the scan result - not applying" % cve)
return
# If we have an "Ignored", it has a priority
if cve_data[cve]['abbrev-status'] == "Ignored":
bb.debug("CVE %s not updating because Ignored" % cve)
bb.debug(1, "CVE %s not updating because Ignored" % cve)
return
bb.warn("Unhandled CVE entry update for %s from %s to %s" % (cve, cve_data[cve], entry))