MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-07-19 12:59:02 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

cve-check: fix debug message

Browse Source 
Debug level was not added as a parameter, causing a warning.

(From OE-Core rev: 182a915fc733791d4583b956df2e62aa35613f5c)

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Daniel Turull 2025-04-30 16:06:58 +02:00 committed by Richard Purdie
parent 70dc28ac28
commit 5ad0c3ae5b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
meta/classes/cve-check.bbclass
View File

@ -278,7 +278,7 @@ def cve_update(d, cve_data, cve, entry):
cve_data[cve] = entry cve_data[cve] = entry
return return
# If we are updating, there might be change in the status # If we are updating, there might be change in the status
bb.debug("Trying CVE entry update for %s from %s to %s" % (cve, cve_data[cve]['abbrev-status'], entry['abbrev-status'])) bb.debug(1, "Trying CVE entry update for %s from %s to %s" % (cve, cve_data[cve]['abbrev-status'], entry['abbrev-status']))
if cve_data[cve]['abbrev-status'] == "Unknown": if cve_data[cve]['abbrev-status'] == "Unknown":
cve_data[cve] = entry cve_data[cve] = entry
return return
@ -289,16 +289,16 @@ def cve_update(d, cve_data, cve, entry):
if entry['status'] == "version-in-range" and cve_data[cve]['status'] == "version-not-in-range": if entry['status'] == "version-in-range" and cve_data[cve]['status'] == "version-not-in-range":
# New result from the scan, vulnerable # New result from the scan, vulnerable
cve_data[cve] = entry cve_data[cve] = entry
bb.debug("CVE entry %s update from Patched to Unpatched from the scan result" % cve) bb.debug(1, "CVE entry %s update from Patched to Unpatched from the scan result" % cve)
return return
if entry['abbrev-status'] == "Patched" and cve_data[cve]['abbrev-status'] == "Unpatched": if entry['abbrev-status'] == "Patched" and cve_data[cve]['abbrev-status'] == "Unpatched":
if entry['status'] == "version-not-in-range" and cve_data[cve]['status'] == "version-in-range": if entry['status'] == "version-not-in-range" and cve_data[cve]['status'] == "version-in-range":
# Range does not match the scan, but we already have a vulnerable match, ignore # Range does not match the scan, but we already have a vulnerable match, ignore
bb.debug("CVE entry %s update from Patched to Unpatched from the scan result - not applying" % cve) bb.debug(1, "CVE entry %s update from Patched to Unpatched from the scan result - not applying" % cve)
return return
# If we have an "Ignored", it has a priority # If we have an "Ignored", it has a priority
if cve_data[cve]['abbrev-status'] == "Ignored": if cve_data[cve]['abbrev-status'] == "Ignored":
bb.debug("CVE %s not updating because Ignored" % cve) bb.debug(1, "CVE %s not updating because Ignored" % cve)
return return
bb.warn("Unhandled CVE entry update for %s from %s to %s" % (cve, cve_data[cve], entry)) bb.warn("Unhandled CVE entry update for %s from %s to %s" % (cve, cve_data[cve], entry))