[Buildroot] [git commit] support/scripts/pkg-stats: properly ignore CVEs in <pkg>_IGNORE_CVES

Peter Korsgaard peter at korsgaard.com
Wed Feb 19 07:22:09 UTC 2020


commit: https://git.buildroot.net/buildroot/commit/?id=60f2de1f12a7e87dd8b9daff2aa4efd53d26165b
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

It seems like throughout the series that the CVE pkg-stats support
went through, the support for ignoring CVEs in the per-package
<pkg>_IGNORE_CVES variable was forgotten.

Let's re-introduce this, which is now very simple thanks to the CVE
class, its .identifier() propertly and the .is_cve_ignored() method of
the Package class

Cc: Titouan Christophe <titouan.christophe at railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 support/scripts/pkg-stats | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats
index 920a2be158..c113cf9606 100755
--- a/support/scripts/pkg-stats
+++ b/support/scripts/pkg-stats
@@ -259,6 +259,9 @@ class CVE:
         True if the Buildroot Package object passed as argument is affected
         by this CVE.
         """
+        if br_pkg.is_cve_ignored(self.identifier):
+            return False
+
         for product in self.each_product():
             if product['product_name'] != br_pkg.name:
                 continue


More information about the buildroot mailing list