Gitiles
Code Review Sign In
gerrit.openbmc.org / stefanberger / openbmc / 6f8dcde58e2226d5a46f41ab53225134d0e60b4e^! / . / poky / meta / classes / cve-check.bbclass
commit6f8dcde58e2226d5a46f41ab53225134d0e60b4e[log] [tgz]
authorBrad Bishop <bradleyb@fuzziesquirrel.com>Tue Oct 16 10:47:12 2018 +0800
committerBrad Bishop <bradleyb@fuzziesquirrel.com>Sun Nov 18 20:46:35 2018 -0500
treedfbdf8de08982b93dfd42921b548cffc73b4a153
parent10719a5be4799cf3961bdb4754cb389e8e45ede5 [diff] [blame]
poky: sumo refresh d240b885f2..eebbc00b25

Update poky to sumo HEAD.

Anuj Mittal (1):
      perl: skip tests that are not useful

Armin Kuster (4):
      tzcode-native: updatet to 2018e
      tzdata: update to 2018e
      tzcode: update to 2018f
      tzdata: update to 2018f

Bruce Ashfield (10):
      kernel-yocto/cfg: configuration warning fixes
      linux-yocto/4.14/4.18: address kernel configuration warnings
      linux-yocto: configuration warning fixes
      linux-yocto: tweak RTC configuration
      linux-yocto/4.14: fix kernel configuration audit warnings
      linux-yocto/4.14: update to v4.14.71
      linux-yocto: enable pci and CRYPTO_DEV_VIRTIO
      linux-yocto/4.14: fix beaglebone configuration warnings
      linux-yocto-rt: fixup 4.14 merge issues
      linux-yocto/4.14: update to v4.14.76

Changqing Li (1):
      apt: update SRC_URI

Chen Qi (2):
      python: backport patch to fix CVE-2018-1000802
      python: backport patch to fix CVE-2018-14647

Dan McGregor (2):
      os-release: move to nonarch_libdir
      base-files: change permissions on /sys and /proc

Derek Straka (1):
      python: update to version 2.7.15

Grygorii Tertychnyi (2):
      cve-check: Allow multiple entries in CVE_PRODUCT
      curl: extend CVE_PRODUCT

Hongxu Jia (2):
      valgrind: fix compile ptest failure on mips32
      nasm: fix CVE-2018-1000667

Hongzhi.Song (1):
      linux-yocto-rt: Add paravirt_kvm support for qemux86-64

Jagadeesh Krishnanjanappa (1):
      valgrind: fix ptest compilation for PowerPC64

Peter Kjellerstedt (1):
      curl: Include the complete license information

Richard Purdie (2):
      yocto-uninative: Upgrade to verson 2.3 which includes glibc 2.28
      oeqa/selftest/runtime_test: Ensure we build/use gnupg-native

Ross Burton (2):
      python: clean up ptest
      python: don't use runtime checks to identify float endianism

Zhixiong Chi (1):
      curl: CVE-2018-14618

Change-Id: I4b7aa481ed2a57c3551c4a45d30350f2376444cc
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass
index 12ad3e5..743bc08 100644
--- a/poky/meta/classes/cve-check.bbclass
+++ b/poky/meta/classes/cve-check.bbclass

@@ -190,7 +190,8 @@
         # Write the faux CSV file to be used with cve-check-tool
         fd, faux = tempfile.mkstemp(prefix="cve-faux-")
         with os.fdopen(fd, "w") as f:
-            f.write("%s,%s,%s," % (bpn, pv, cves))
+            for pn in bpn.split():
+                f.write("%s,%s,%s,\n" % (pn, pv, cves))
         cmd.append(faux)
 
         output = subprocess.check_output(cmd).decode("utf-8")