From 36fbf96cf284acbc810ff3bf00702f1f82bc0da9 Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Fri, 9 Feb 2018 12:37:08 +0000 Subject: cve-check: allow recipes to override their version For reasons which I don't understand, the Berkeley DB tarball is version 5.3.28 but in CVE reports the version is 11.2.5.3.28. To handle this allow recipes to override their version as well as their name. Signed-off-by: Ross Burton --- meta/classes/cve-check.bbclass | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'meta') diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 62dd6424d5..061e883fa7 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -23,6 +23,7 @@ # The product name that the CVE database uses. Defaults to BPN, but may need to # be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff). CVE_PRODUCT ??= "${BPN}" +CVE_VERSION ??= "${PV}" CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvd.db" @@ -168,7 +169,7 @@ def check_cves(d, patched_cves): cves_patched = [] cves_unpatched = [] bpn = d.getVar("CVE_PRODUCT") - pv = d.getVar("PV").split("+git")[0] + pv = d.getVar("CVE_VERSION").split("+git")[0] cves = " ".join(patched_cves) cve_db_dir = d.getVar("CVE_CHECK_DB_DIR") cve_whitelist = ast.literal_eval(d.getVar("CVE_CHECK_CVE_WHITELIST")) -- cgit 1.2.3-korg