lib: spdx30_tasks: Handle patched CVEs

The code to iterate over patched CVEs (e.g. those patched by a .patch
file in SRC_URI) was accidentally omitted when writing the SPDX 3
handling. Add it in now.

[YOCTO #15789]

(From OE-Core rev: 1ff496546279d8a97df5ec475007cfb095c2a0bc)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Joshua Watt
2025-03-06 14:20:07 -07:00
committed by Richard Purdie
parent 5e1a91bc5b
commit e852d99018

@@ -498,6 +498,16 @@ def create_spdx(d):
# Add CVEs
cve_by_status = {}
if include_vex != "none":
for cve in oe.cve_check.get_patched_cves(d):
spdx_cve = build_objset.new_cve_vuln(cve)
build_objset.set_element_alias(spdx_cve)
cve_by_status.setdefault("Patched", {})[cve] = (
spdx_cve,
"patched",
"",
)
for cve in d.getVarFlags("CVE_STATUS") or {}:
decoded_status = oe.cve_check.decode_cve_status(d, cve)
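
Review bot: The new `for cve in oe.cve_check.get_patched_cves(d):` loop and the existing `for cve in d.getVarFlags("CVE_STATUS") or {}:` loop right after it have no visible guard against the same CVE ID appearing in both. If one does, `build_objset.new_cve_vuln(cve)` is called twice for it, and the CVE can land under "Patched" here and under whatever status the second loop decodes, which would leave the VEX output contradicting itself. Either skip IDs already recorded in `cve_by_status` when the second loop runs, or add a comment stating which source takes precedence and why duplicates cannot occur. A smaller point on the tuple stored under "Patched": the third element is hard-coded to `""`, so the SPDX document says a CVE is patched but not by what. If `get_patched_cves(d)` exposes the patch file or resolution detail, passing it through here would make the claim auditable. A test that builds a recipe carrying a CVE patch in SRC_URI and checks the resulting SPDX 3 output would also keep this from being dropped again.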