linux-yocto: add script to generate kernel CVE_STATUS entries - linux/poky.git

diff options

author	Ross Burton <ross.burton@arm.com>	2023-08-07 15:45:29 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-08-09 21:48:11 +0100
commit	04a4bac6d2ff6a7b617865c567363798399b32cd (patch)
tree	4b1dede62f29db631a34cf4a879918cdbfe93ad0 /scripts/lib/devtool/upgrade.py
parent	6c0350934952b7b06104d7dacbe152386ba72aec (diff)
download	poky-04a4bac6d2ff6a7b617865c567363798399b32cd.tar.gz

linux-yocto: add script to generate kernel CVE_STATUS entries

Instead of manually looking up new CVEs and determining what point releases the fixes are incorporated into, add a script to generate the CVE_STATUS data automatically. First, note that this is very much an interim solution until the cve-check class fetches data from www.linuxkernelcves.com directly. The script should be passed the path to a local clone of the linuxkernelcves repository[1] and the kernel version number. It will then write to standard output the CVE_STATUS entries for every known kernel CVE. The script should be periodically reran as CVEs are backported and kernels upgraded frequently. [1] https://github.com/nluedtke/linux_kernel_cves (From OE-Core rev: 8cb184f9de9b0ce5f465ea12ba24beafd6673f01) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/upgrade.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: