| Message ID | 20240912225741.2147108-1-yoann.congal@smile.fr |
|---|---|
| State | Rejected |
| Delegated to: | Steve Sakoman |
| Headers | show |
| Series | [kirkstone] cve-exclusion: Drop the version comparision/warning | expand |
Le ven. 13 sept. 2024 à 00:59, Yoann Congal <yoann.congal@smile.fr> a écrit : > > From: Richard Purdie <richard.purdie@linuxfoundation.org> > > Since the CVE repository is no longer being updated, drop the warning > comparision since it is no longer valid. > > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> > (cherry picked from commit 9a232a9c3023dfec7e2d2c7e384d64006d1cf1af) > Signed-off-by: Yoann Congal <yoann.congal@smile.fr> > Backport: Applied the idea of the original patch to the corresponding > files. > --- Maybe I should have added that this is to avoid the warning on every kirkstone metrics AB run : https://autobuilder.yoctoproject.org/typhoon/#/builders/138/builds/2234 > > meta/recipes-kernel/linux/cve-exclusion_5.10.inc | 14 +++++++------- > meta/recipes-kernel/linux/cve-exclusion_5.15.inc | 14 +++++++------- > 2 files changed, 14 insertions(+), 14 deletions(-) > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > index 4d959c90b1..4ce0664c0d 100644 > --- a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > @@ -2,13 +2,13 @@ > # Auto-generated CVE metadata, DO NOT EDIT BY HAND. > # Generated at 2024-02-21 03:55:27.305577 for version 5.10.209 > > -python check_kernel_cve_status_version() { > - this_version = "5.10.209" > - kernel_version = d.getVar("LINUX_VERSION") > - if kernel_version != this_version: > - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > -} > -do_cve_check[prefuncs] += "check_kernel_cve_status_version" > +#python check_kernel_cve_status_version() { > +# this_version = "5.10.209" > +# kernel_version = d.getVar("LINUX_VERSION") > +# if kernel_version != this_version: > +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > +#} > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > # fixed-version: Fixed after version 2.6.12rc2 > CVE_CHECK_IGNORE += "CVE-2003-1604" > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > index f5ccf2bc22..1f5c783db4 100644 > --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > @@ -2,13 +2,13 @@ > # Auto-generated CVE metadata, DO NOT EDIT BY HAND. > # Generated at 2024-05-02 12:18:54.390781 for version 5.15.157 > > -python check_kernel_cve_status_version() { > - this_version = "5.15.157" > - kernel_version = d.getVar("LINUX_VERSION") > - if kernel_version != this_version: > - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > -} > -do_cve_check[prefuncs] += "check_kernel_cve_status_version" > +#python check_kernel_cve_status_version() { > +# this_version = "5.15.157" > +# kernel_version = d.getVar("LINUX_VERSION") > +# if kernel_version != this_version: > +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > +#} > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > # fixed-version: Fixed after version 2.6.12rc2 > CVE_CHECK_IGNORE += "CVE-2003-1604"
On Thu, Sep 12, 2024 at 11:35 PM Yoann Congal via lists.openembedded.org <yoann.congal=smile.fr@lists.openembedded.org> wrote: > > Le ven. 13 sept. 2024 à 00:59, Yoann Congal <yoann.congal@smile.fr> a écrit : > > > > From: Richard Purdie <richard.purdie@linuxfoundation.org> > > > > Since the CVE repository is no longer being updated, drop the warning > > comparision since it is no longer valid. > > > > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> > > (cherry picked from commit 9a232a9c3023dfec7e2d2c7e384d64006d1cf1af) > > Signed-off-by: Yoann Congal <yoann.congal@smile.fr> > > Backport: Applied the idea of the original patch to the corresponding > > files. > > --- > > Maybe I should have added that this is to avoid the warning on every > kirkstone metrics AB run : > https://autobuilder.yoctoproject.org/typhoon/#/builders/138/builds/2234 Is this version to be preferred to the one that is currently out for review? https://lists.openembedded.org/g/openembedded-core/message/204408 Thanks! Steve > > > > > meta/recipes-kernel/linux/cve-exclusion_5.10.inc | 14 +++++++------- > > meta/recipes-kernel/linux/cve-exclusion_5.15.inc | 14 +++++++------- > > 2 files changed, 14 insertions(+), 14 deletions(-) > > > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > > index 4d959c90b1..4ce0664c0d 100644 > > --- a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > > @@ -2,13 +2,13 @@ > > # Auto-generated CVE metadata, DO NOT EDIT BY HAND. > > # Generated at 2024-02-21 03:55:27.305577 for version 5.10.209 > > > > -python check_kernel_cve_status_version() { > > - this_version = "5.10.209" > > - kernel_version = d.getVar("LINUX_VERSION") > > - if kernel_version != this_version: > > - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > -} > > -do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > +#python check_kernel_cve_status_version() { > > +# this_version = "5.10.209" > > +# kernel_version = d.getVar("LINUX_VERSION") > > +# if kernel_version != this_version: > > +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > +#} > > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > > > # fixed-version: Fixed after version 2.6.12rc2 > > CVE_CHECK_IGNORE += "CVE-2003-1604" > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > > index f5ccf2bc22..1f5c783db4 100644 > > --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > > @@ -2,13 +2,13 @@ > > # Auto-generated CVE metadata, DO NOT EDIT BY HAND. > > # Generated at 2024-05-02 12:18:54.390781 for version 5.15.157 > > > > -python check_kernel_cve_status_version() { > > - this_version = "5.15.157" > > - kernel_version = d.getVar("LINUX_VERSION") > > - if kernel_version != this_version: > > - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > -} > > -do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > +#python check_kernel_cve_status_version() { > > +# this_version = "5.15.157" > > +# kernel_version = d.getVar("LINUX_VERSION") > > +# if kernel_version != this_version: > > +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > +#} > > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > > > # fixed-version: Fixed after version 2.6.12rc2 > > CVE_CHECK_IGNORE += "CVE-2003-1604" > > > > -- > Yoann Congal > Smile ECS - Tech expert > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#204471): https://lists.openembedded.org/g/openembedded-core/message/204471 > Mute This Topic: https://lists.openembedded.org/mt/108422982/3620601 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com] > -=-=-=-=-=-=-=-=-=-=-=- >
Le ven. 13 sept. 2024 à 15:14, Steve Sakoman <steve@sakoman.com> a écrit : > > On Thu, Sep 12, 2024 at 11:35 PM Yoann Congal via > lists.openembedded.org <yoann.congal=smile.fr@lists.openembedded.org> > wrote: > > > > Le ven. 13 sept. 2024 à 00:59, Yoann Congal <yoann.congal@smile.fr> a écrit : > > > > > > From: Richard Purdie <richard.purdie@linuxfoundation.org> > > > > > > Since the CVE repository is no longer being updated, drop the warning > > > comparision since it is no longer valid. > > > > > > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> > > > (cherry picked from commit 9a232a9c3023dfec7e2d2c7e384d64006d1cf1af) > > > Signed-off-by: Yoann Congal <yoann.congal@smile.fr> > > > Backport: Applied the idea of the original patch to the corresponding > > > files. > > > --- > > > > Maybe I should have added that this is to avoid the warning on every > > kirkstone metrics AB run : > > https://autobuilder.yoctoproject.org/typhoon/#/builders/138/builds/2234 > > Is this version to be preferred to the one that is currently out for review? > > https://lists.openembedded.org/g/openembedded-core/message/204408 Ahh I missed it. Both have the same content, no reason to prefer mine over Alexandre Belloni's so you can ignore mine. Thanks! > Thanks! > > Steve > > > > > > > > > meta/recipes-kernel/linux/cve-exclusion_5.10.inc | 14 +++++++------- > > > meta/recipes-kernel/linux/cve-exclusion_5.15.inc | 14 +++++++------- > > > 2 files changed, 14 insertions(+), 14 deletions(-) > > > > > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > > > index 4d959c90b1..4ce0664c0d 100644 > > > --- a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > > > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc > > > @@ -2,13 +2,13 @@ > > > # Auto-generated CVE metadata, DO NOT EDIT BY HAND. > > > # Generated at 2024-02-21 03:55:27.305577 for version 5.10.209 > > > > > > -python check_kernel_cve_status_version() { > > > - this_version = "5.10.209" > > > - kernel_version = d.getVar("LINUX_VERSION") > > > - if kernel_version != this_version: > > > - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > > -} > > > -do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > > +#python check_kernel_cve_status_version() { > > > +# this_version = "5.10.209" > > > +# kernel_version = d.getVar("LINUX_VERSION") > > > +# if kernel_version != this_version: > > > +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > > +#} > > > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > > > > > # fixed-version: Fixed after version 2.6.12rc2 > > > CVE_CHECK_IGNORE += "CVE-2003-1604" > > > diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > > > index f5ccf2bc22..1f5c783db4 100644 > > > --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > > > +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc > > > @@ -2,13 +2,13 @@ > > > # Auto-generated CVE metadata, DO NOT EDIT BY HAND. > > > # Generated at 2024-05-02 12:18:54.390781 for version 5.15.157 > > > > > > -python check_kernel_cve_status_version() { > > > - this_version = "5.15.157" > > > - kernel_version = d.getVar("LINUX_VERSION") > > > - if kernel_version != this_version: > > > - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > > -} > > > -do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > > +#python check_kernel_cve_status_version() { > > > +# this_version = "5.15.157" > > > +# kernel_version = d.getVar("LINUX_VERSION") > > > +# if kernel_version != this_version: > > > +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) > > > +#} > > > +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" > > > > > > # fixed-version: Fixed after version 2.6.12rc2 > > > CVE_CHECK_IGNORE += "CVE-2003-1604" > > > > > > > > -- > > Yoann Congal > > Smile ECS - Tech expert > > > > -=-=-=-=-=-=-=-=-=-=-=- > > Links: You receive all messages sent to this group. > > View/Reply Online (#204471): https://lists.openembedded.org/g/openembedded-core/message/204471 > > Mute This Topic: https://lists.openembedded.org/mt/108422982/3620601 > > Group Owner: openembedded-core+owner@lists.openembedded.org > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com] > > -=-=-=-=-=-=-=-=-=-=-=- > >
diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc index 4d959c90b1..4ce0664c0d 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc @@ -2,13 +2,13 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. # Generated at 2024-02-21 03:55:27.305577 for version 5.10.209 -python check_kernel_cve_status_version() { - this_version = "5.10.209" - kernel_version = d.getVar("LINUX_VERSION") - if kernel_version != this_version: - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) -} -do_cve_check[prefuncs] += "check_kernel_cve_status_version" +#python check_kernel_cve_status_version() { +# this_version = "5.10.209" +# kernel_version = d.getVar("LINUX_VERSION") +# if kernel_version != this_version: +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) +#} +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" # fixed-version: Fixed after version 2.6.12rc2 CVE_CHECK_IGNORE += "CVE-2003-1604" diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc index f5ccf2bc22..1f5c783db4 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc @@ -2,13 +2,13 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. # Generated at 2024-05-02 12:18:54.390781 for version 5.15.157 -python check_kernel_cve_status_version() { - this_version = "5.15.157" - kernel_version = d.getVar("LINUX_VERSION") - if kernel_version != this_version: - bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) -} -do_cve_check[prefuncs] += "check_kernel_cve_status_version" +#python check_kernel_cve_status_version() { +# this_version = "5.15.157" +# kernel_version = d.getVar("LINUX_VERSION") +# if kernel_version != this_version: +# bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) +#} +#do_cve_check[prefuncs] += "check_kernel_cve_status_version" # fixed-version: Fixed after version 2.6.12rc2 CVE_CHECK_IGNORE += "CVE-2003-1604"