[v5,4/7] cve_check: Update selftest with new status detail

Message ID	20240814053041.4991-4-marta.rybczynska@syslinbit.com
State	Accepted, archived
Commit	ea7681ffc15cac970c395daab56ba264ac406cd6
Headers	show Return-Path: <rybczynska@gmail.com> ip: 209.85.167.42, mailfrom: rybczynska@gmail.com) From: Marta Rybczynska <rybczynska@gmail.com> To: openembedded-core@lists.openembedded.org Cc: Samantha Jalabert <samantha.jalabert@syslinbit.com>, Marta Rybczynska <marta.rybczynska@syslinbit.com> Subject: [PATCH v5][OE-core 4/7] cve_check: Update selftest with new status detail Date: Wed, 14 Aug 2024 07:30:38 +0200 Message-ID: <20240814053041.4991-4-marta.rybczynska@syslinbit.com> In-Reply-To: <20240814053041.4991-1-marta.rybczynska@syslinbit.com> References: <20240814053041.4991-1-marta.rybczynska@syslinbit.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[v5,1/7] cve-check: encode affected product/vendor in CVE_STATUS \| expand [v5,1/7] cve-check: encode affected product/vendor in CVE_STATUS [v5,2/7] cve-extra-inclusions: encode CPEs of affected packages [v5,3/7] cve-check: annotate CVEs during analysis [v5,4/7] cve_check: Update selftest with new status detail [v5,5/7] vex.bbclass: add a new class [v5,6/7] cve-check-map: add new statuses [v5,7/7] selftest: add test_product_match

Message ID

20240814053041.4991-4-marta.rybczynska@syslinbit.com

State

Accepted, archived

Commit

ea7681ffc15cac970c395daab56ba264ac406cd6

Headers

From: Marta Rybczynska <rybczynska@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: Samantha Jalabert <samantha.jalabert@syslinbit.com>,
	Marta Rybczynska <marta.rybczynska@syslinbit.com>
Subject: [PATCH v5][OE-core 4/7] cve_check: Update selftest with new status
 detail
Date: Wed, 14 Aug 2024 07:30:38 +0200
Message-ID: <20240814053041.4991-4-marta.rybczynska@syslinbit.com>
In-Reply-To: <20240814053041.4991-1-marta.rybczynska@syslinbit.com>
References: <20240814053041.4991-1-marta.rybczynska@syslinbit.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[v5,1/7] cve-check: encode affected product/vendor in CVE_STATUS | expand

Commit Message

Marta Rybczynska Aug. 14, 2024, 5:30 a.m. UTC

From: Samantha Jalabert <samantha.jalabert@syslinbit.com>

Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com>
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
---
 meta/lib/oeqa/selftest/cases/cve_check.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py
index 60cecd1328..a40272c919 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -217,9 +217,10 @@  CVE_CHECK_REPORT_PATCHED = "1"
             # m4 CVE should not be in logrotate
             self.assertNotIn("CVE-2008-1687", found_cves)
             # logrotate has both Patched and Ignored CVEs
+            detail = "version-not-in-range"
             self.assertIn("CVE-2011-1098", found_cves)
             self.assertEqual(found_cves["CVE-2011-1098"]["status"], "Patched")
-            self.assertEqual(len(found_cves["CVE-2011-1098"]["detail"]), 0)
+            self.assertEqual(found_cves["CVE-2011-1098"]["detail"], detail)
             self.assertEqual(len(found_cves["CVE-2011-1098"]["description"]), 0)
             detail = "not-applicable-platform"
             description = "CVE is debian, gentoo or SUSE specific on the way logrotate was installed/used"