mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
c06e4e6e60
This commit fixes commit 08595b39b46ef2bf3a928d4528292ee31a990c98 which adapts vex creation between function create_spdx where all changes were backported and funtion get_patched_cves where changes were not backported. CVE patches were previously ignored as they cannot be decoded from CVE_STATUS variables and each caused a warning like: WARNING: ncurses-native-6.4-r0 do_create_spdx: Skipping CVE-2023-50495 — missing or unknown CVE status Master branch uses fix-file-included for CVE patches however since cve-check-map.conf was not part of spdx-3.0 backport, closest one available (backported-patch) was implemented. (From OE-Core rev: 8d14b2bb02861612130f02c445392f34090ba5d9) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>