linux/generate-cve-exclusions: use data from CVEProject - linux/poky.git

diff options

author	Daniel Turull <daniel.turull@ericsson.com>	2025-04-10 11:48:35 +0200
committer	Steve Sakoman <steve@sakoman.com>	2025-07-04 07:50:16 -0700
commit	df999dc19df72eaa61cf7829038a4452e1c2d7a8 (patch)
tree	e76c3600a1f91fb241fdae4001b6044f0a7e0241 /scripts/lib/checklayer/context.py
parent	9397f1db0bbbed4b18f347e5bca7f6c07f47cc70 (diff)
download	poky-df999dc19df72eaa61cf7829038a4452e1c2d7a8.tar.gz

linux/generate-cve-exclusions: use data from CVEProject

The old script was relying on linuxkernelcves.com that was archived in May 2024 when kernel.org became a CNA. The new script reads CVE json files from the datadir that can be either from the official kernel.org CNA [1] or CVEProject [2] [1] https://git.kernel.org/pub/scm/linux/security/vulns.git [2] https://github.com/CVEProject/cvelistV5 (From OE-Core rev: ab4d2a79188da5b58bf9a4eacc2460a00a5c1d70) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 12612e8680798bdce39fbb79885e661596dbd53c) Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/checklayer/context.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: