[yocto] [patchtest-oe][PATCH] test_patch_cve.py: fix cve tag checking logic
Michael Halstead
mhalstead at linuxfoundation.org
Fri Nov 9 05:39:40 PST 2018
When updating patchtest-oe to include the CVE fixes I also cleaned up
repositories in the share directory removing the patchwork credentials
in the process. I've restored the patchwork credentials and posted the
test results from local backups.
I've opened a bug to collect ideas for testing patchtest upgrades at
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13002.
On 11/8/18 11:38 PM, Mittal, Anuj wrote:
> On Wed, 2018-11-07 at 09:01 +0000, Richard Purdie wrote:
>> On Fri, 2018-11-02 at 14:03 +0800, Chen Qi wrote:
>>> The current logic for checking cve tag is not correct. It errors
>>> out if and only if the patch contains a line which begins with
>>> CVE-YYYY-XXXX and contains nothing else.
>>>
>>> It will not error out if the patch contains no CVE information, nor
>>> will it error out if the patch contains line like below.
>>>
>>> 'Fix CVE-YYYY-XXXX'
>>>
>>> I can see that the cve tag checking logic tries to ensure the patch
>>> contains something like 'CVE: CVE-YYYY-XXXX'. So fix to implement
>>> such
>>> logic.
>>>
>>> Signed-off-by: Chen Qi <Qi.Chen at windriver.com>
>>> ---
>>> tests/test_patch_cve.py | 15 ++++++++-------
>>> 1 file changed, 8 insertions(+), 7 deletions(-)
>> Thanks, good find.
>>
>> I've merged this and I believe the instance should have it applied
>> now
>> too.
>>
> Not sure if this is related but it looks like the tests aren't running
> at all now ...
>
>
> https://patchwork.openembedded.org/project/oe-core/series/?ordering=-last_updated
>
> Thanks,
>
> Anuj
--
Michael Halstead
Linux Foundation / SysAdmin
More information about the yocto
mailing list