[Buildroot] [PATCH 07/10] support/scripts/cve-checker: show CPE ID in results
Matthew Weber
matthew.weber at rockwellcollins.com
Wed Nov 4 17:20:19 UTC 2020
Thomas / Greg,
On Wed, Nov 4, 2020 at 8:52 AM Thomas Petazzoni
<thomas.petazzoni at bootlin.com> wrote:
>
> From: Gregory CLEMENT <gregory.clement at bootlin.com>
>
> This commit improves the cve-checker script to show the CPE ID of
> packages, if available. For now, it doesn't use CPE IDs to match CVEs.
>
> Signed-off-by: Gregory CLEMENT <gregory.clement at bootlin.com>
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
> ---
> support/scripts/cve-checker | 21 ++++++++++++++++++---
> 1 file changed, 18 insertions(+), 3 deletions(-)
>
> diff --git a/support/scripts/cve-checker b/support/scripts/cve-checker
> index ff110fc17c..421202d049 100755
> --- a/support/scripts/cve-checker
> +++ b/support/scripts/cve-checker
> @@ -26,9 +26,10 @@ import cve as cvecheck
>
>
> class Package:
> - def __init__(self, name, version, ignored_cves):
> + def __init__(self, name, version, cpeid, ignored_cves):
> self.name = name
> self.version = version
> + self.cpeid = cpeid
> self.cves = list()
> self.ignored_cves = ignored_cves
>
> @@ -106,6 +107,19 @@ def dump_html_pkg(f, pkg):
> f.write(" <a href=\"https://security-tracker.debian.org/tracker/%s\">%s<br/>\n" % (cve, cve))
> f.write(" </td>\n")
>
> + # CPE ID
> + td_class = ["left"]
> + if pkg.cpeid:
> + td_class.append("correct")
> + else:
> + td_class.append("wrong")
> + f.write(" <td class=\"%s\">\n" % " ".join(td_class))
> + if pkg.cpeid:
> + f.write(" <code>%s</code>\n" % pkg.cpeid)
> + else:
> + f.write(" N/A\n")
> + f.write(" </td>\n")
> +
Similar question as in the pkgstats about including host package CPE
IDs in the listing.
More information about the buildroot
mailing list