cve-check: improve comment about CVE patch file names
authorMichael Opdenacker <michael.opdenacker@bootlin.com>
Thu, 5 Aug 2021 16:50:46 +0000 (18:50 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 6 Aug 2021 05:34:26 +0000 (06:34 +0100)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/classes/cve-check.bbclass

index bf7dd15c738c6e7f6e111f932c45a978d0dfb444..6582f97151389639cbbc483b524cc16a6bf3c24f 100644 (file)
@@ -166,9 +166,12 @@ def get_patches_cves(d):
     pn = d.getVar("PN")
     cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
 
-    # Matches last CVE-1234-211432 in the file name, also if written
-    # with small letters. Not supporting multiple CVE id's in a single
-    # file name.
+    # Matches the last "CVE-YYYY-ID" in the file name, also if written
+    # in lowercase. Possible to have multiple CVE IDs in a single
+    # file name, but only the last one will be detected from the file name.
+    # However, patch files contents addressing multiple CVE IDs are supported
+    # (cve_match regular expression)
+
     cve_file_name_match = re.compile(".*([Cc][Vv][Ee]\-\d{4}\-\d+)")
 
     patched_cves = set()
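Review bot: The rewritten comment is cut off from `cve_file_name_match` by the added blank line, and it does not say what happens to the other IDs when a file name carries several. Presumably those IDs are not counted as patched and remain in the report unless the patch body lists them on its `CVE:` line; that is worth stating, e.g. `# IDs earlier in the file name are ignored; list every fixed CVE in the patch's "CVE:" tag.` Dropping the blank line keeps the comment attached to the regex it documents. Both patterns on the surrounding context lines are non-raw strings containing `\-` and `\d`, which newer Python versions flag as invalid escape sequences; `r"..."` literals would avoid that. get_patches_cves starts and ends outside the hunk, so how the two matches are consumed cannot be checked here.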