mirror of
https://git.yoctoproject.org/poky
synced 2026-03-06 15:29:40 +01:00
04a4bac6d2
Instead of manually looking up new CVEs and determining what point releases the fixes are incorporated into, add a script to generate the CVE_STATUS data automatically. First, note that this is very much an interim solution until the cve-check class fetches data from www.linuxkernelcves.com directly. The script should be passed the path to a local clone of the linuxkernelcves repository[1] and the kernel version number. It will then write to standard output the CVE_STATUS entries for every known kernel CVE. The script should be periodically reran as CVEs are backported and kernels upgraded frequently. [1] https://github.com/nluedtke/linux_kernel_cves (From OE-Core rev: 8cb184f9de9b0ce5f465ea12ba24beafd6673f01) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>