mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-21 03:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

cve-check: Run it after do_fetch

Browse Source 
Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in
metadata, this could fail cve_check

ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001

This patch ensures that download is done before running CVE scan, even
though these will be external patches and may not contain CVE tags as it
expects, but it will fix the run failures as seen above

(From OE-Core rev: e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Khem Raj
2020-05-21 08:18:47 -07:00
committed by Richard Purdie
parent c24b23051f
commit d0b97f53f9
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta/classes/cve-check.bbclass
View File

@@ -65,7 +65,7 @@ python do_cve_check () {
}
addtask cve_check before do_build
addtask cve_check before do_build after do_fetch
do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db"
do_cve_check[nostamp] = "1"