aboutsummaryrefslogtreecommitdiffstats
path: root/meta/lib/oe/cve_check.py
diff options
context:
space:
mode:
authorLee Chee Yang <chee.yang.lee@intel.com>2021-03-04 22:44:07 +0800
committerAnuj Mittal <anuj.mittal@intel.com>2021-04-09 13:54:52 +0800
commit7e75801c9a76d7bcd2fed3a6522214f483966166 (patch)
tree3e7aadf6e829e45738afca2ae278bb326bb6d5d1 /meta/lib/oe/cve_check.py
parentecb41c87695c483959e2d96fcb6ca7cd92fd7315 (diff)
downloadopenembedded-core-contrib-7e75801c9a76d7bcd2fed3a6522214f483966166.tar.gz
openembedded-core-contrib-7e75801c9a76d7bcd2fed3a6522214f483966166.tar.bz2
openembedded-core-contrib-7e75801c9a76d7bcd2fed3a6522214f483966166.zip
cve-check: CVE_VERSION_SUFFIX to work with patched release
CVE_VERSION_SUFFIX in "patch" to treat version string with suffix "pX" or "patchX" as patched release. also update testcases to cover this changes and set CVE_VERSION_SUFFIX for sudo. Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8076815fc2ffc8f632e73527ce2b7d158a29e9ea) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta/lib/oe/cve_check.py')
-rw-r--r--meta/lib/oe/cve_check.py7
1 files changed, 6 insertions, 1 deletions
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index ce755f940a..a1d7c292af 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -11,8 +11,13 @@ _Version = collections.namedtuple(
class Version():
def __init__(self, version, suffix=None):
+
+ suffixes = ["alphabetical", "patch"]
+
if str(suffix) == "alphabetical":
version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
+ elif str(suffix) == "patch":
+ version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(p|patch)(?P<patch_l>[0-9]+))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
else:
version_pattern = r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE)
@@ -23,7 +28,7 @@ class Version():
self._version = _Version(
release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")),
- patch_l=match.group("patch_l") if str(suffix) == "alphabetical" and match.group("patch_l") else "",
+ patch_l=match.group("patch_l") if str(suffix) in suffixes and match.group("patch_l") else "",
pre_l=match.group("pre_l"),
pre_v=match.group("pre_v")
)