[Buildroot] [git commit branch/next] support/scripts/pkg-stats: properly ignore CVEs in <pkg>_IGNORE_CVES

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sat Mar 7 14:58:41 UTC 2020


commit: https://git.buildroot.net/buildroot/commit/?id=1097c0427d3b3f2838d14ee9661226bafc610572
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/next

It seems like throughout the series that the CVE pkg-stats support
went through, the support for ignoring CVEs in the per-package
<pkg>_IGNORE_CVES variable was forgotten.

Let's re-introduce this, which is now very simple thanks to the CVE
class, its .identifier() propertly and the .is_cve_ignored() method of
the Package class

Cc: Titouan Christophe <titouan.christophe at railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 support/scripts/pkg-stats | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/support/scripts/pkg-stats b/support/scripts/pkg-stats
index 01a0a0d53d..7721d98459 100755
--- a/support/scripts/pkg-stats
+++ b/support/scripts/pkg-stats
@@ -260,6 +260,9 @@ class CVE:
         True if the Buildroot Package object passed as argument is affected
         by this CVE.
         """
+        if br_pkg.is_cve_ignored(self.identifier):
+            return False
+
         for product in self.each_product():
             if product['product_name'] != br_pkg.name:
                 continue


More information about the buildroot mailing list