From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Wed, 13 Sep 2023 18:06:28 +0200 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qgSNp-00DxHs-Q6 for lore@lore.pengutronix.de; Wed, 13 Sep 2023 18:06:28 +0200 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1qgSNm-0001Zm-Rv; Wed, 13 Sep 2023 18:06:26 +0200 Received: from mail-gv0che01on2059.outbound.protection.outlook.com ([40.107.23.59] helo=CHE01-GV0-obe.outbound.protection.outlook.com) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qgSNf-0001Zd-1f for ptxdist@pengutronix.de; Wed, 13 Sep 2023 18:06:21 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Hy7T8gd2IPUxr7kw3pWDoVuW6mkT0aPI1MTn9sy+2CBNxJP8gn+ntNDlHOlvMPoqzxDxfj3gmWquJvpRhuRLQQ2/5NqXu6QnX5XhL6R34egH1/bRxXI+V4wE8lfMBgwGcMUbLNHWmvtSEj6axIspuW7lKthJjVx0kycTDI5ToBo2cpKrtVpC3l6aXKRzxnysDr+lQqBvuBt8rJ9NuJb5rIM5ObQZxt7CB6T3IuJ2H6Aqva+yaPOegOEzawSAstdN0XTnl21Rd/2J8N0VNwkKtNT5O5rvdQVew916oW7i4LpJcFQ0iEeVtrJd27qAB8/B6iz0hCisMKj36zUgG8F0aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qnuvkmQFh6uTnFPz8x1ZIDh59BUpGh87FcUMQwG4w0Q=; b=ZuZN+yaM1IJ7oyaE9o5B7SOK5fecjkj5CQzG//Hy6niyH7Q5Z+3WNI8ZZKsXfst+Kyjte6fEH4deH9yLBK0teF+VTvRZOQ7jQ3bfvSxTeGW9wb70DuKIT6Q/AMvkKP3Iw7+MqCO1LrcLSLGPrzE46NesM+twBcKMioJGvYaImRvTtswJuW+TNh7MG5mO7K4qNb00KidKpUDaanQg/uJw3ufV0qJxuYxEE1vWl7Nh307gveoE/bUgiAGHf1L7CxLKqaRELeS1bPGJxH3nB2Fl+AuzCFKvGU9uIvUsJqAGWxivNOZbuNTtALEfMr+yFeofpAiDS3Ym6AptcqIj92pL8A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=verity.net; dmarc=pass action=none header.from=verity.net; dkim=pass header.d=verity.net; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verity.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qnuvkmQFh6uTnFPz8x1ZIDh59BUpGh87FcUMQwG4w0Q=; b=x5p382ZcwnvaDER2P8ArNHx3KSwzeJc5CtTkO52GhEEdK4UW5fZEyPSt23w/dVch83YVQRnM+/KG16qJKQeSaRN2ijMMFpyDOBrWuybGJxzUkHjNxm8GkBL9rzrCOIiswyirb5vft7Lk0MHoa2gAb1DRChXpQPb5WtRoJO8jW2SSFxqRhibDBxfmytSitcOR0egyQzRKHGrc+PJN1lTjQTpsmTYQk6fdi+djIbhmcCPAZ511aD0hu/vfOam+JwMkc59Jgk6Q0gRa/BFrfjqZzVkst+Ni8BFamer64y8H9epSX3M1M2hC7tLWlrXejvHS6+dwvoed/k0biKH/u3zbxA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=verity.net; Received: from GV0P278MB0784.CHEP278.PROD.OUTLOOK.COM (2603:10a6:710:53::9) by GV0P278MB0928.CHEP278.PROD.OUTLOOK.COM (2603:10a6:710:54::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.20; Wed, 13 Sep 2023 16:06:17 +0000 Received: from GV0P278MB0784.CHEP278.PROD.OUTLOOK.COM ([fe80::a5a5:a491:679b:42e]) by GV0P278MB0784.CHEP278.PROD.OUTLOOK.COM ([fe80::a5a5:a491:679b:42e%6]) with mapi id 15.20.6792.019; Wed, 13 Sep 2023 16:06:17 +0000 From: Simon Falsig To: ptxdist@pengutronix.de Date: Wed, 13 Sep 2023 18:05:44 +0200 Message-Id: <20230913160546.71046-1-sfalsig@verity.net> X-Mailer: git-send-email 2.25.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: ZR2P278CA0003.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:50::6) To GV0P278MB0784.CHEP278.PROD.OUTLOOK.COM (2603:10a6:710:53::9) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: GV0P278MB0784:EE_|GV0P278MB0928:EE_ X-MS-Office365-Filtering-Correlation-Id: 3ade3cb1-d6a1-4d3b-1b8e-08dbb4735cdb X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: z3oUABGocvvJbZVgY0IwplndwLgwVFycLCZww8tFQskrUjJU3FyOHmpOHbnUZXwxS/90JbrkcJGgYvHNkWx1xrmZ+ndWoBglTpnYaf7SKmS9YfzicK2YUdS2gQxpk7s0fe5S6l/dfhQrpHyvi1sxZwHuHe8FCRoYDbLY3KHw+MfxRvJNPEkpduoWNFqf5pj0GhdPZksVIPkV2bQENwV1eoFfMHwFPcIwNraLmQdhiibJm2+lezo2Oyz90k4TdpJm/r2tKVcSo9rF77epX8VZt2UJVhxrE3xBXCURhQPvibcSirMsdEicBrwWSBDUjY0otolLMwxmaYkeil75QG7OLBAah7ti9e1uEIzdLmsSLbNje8bU40EObNeULWHTIWOU8ZWNgUNzNIPzinqiD3ZabDFb+Bo4kdh8Rwb9Dy1B+Hrzr4OMG7Aoq+7UZ7twE5TWYySbPUtKm2Sf1QPjEyeuUdkvqE1WR1JIEFAmJos+1FIw3ONoAMJ+efFHtkMHTcrhNpuKcV5ACXxWUG1sC1EcJV+TX64LA7YUgHEZi0JnoTT86uGlN1am0IRAFXFpSdBrDnphV8zNHtc+O6QS2/OIPv4OXk+H1nTxdzxbALqSwyqAAm0XW5fPsJtrTkfbYyJ9 X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GV0P278MB0784.CHEP278.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(39850400004)(396003)(366004)(136003)(346002)(376002)(451199024)(186009)(1800799009)(52116002)(6486002)(6506007)(6512007)(6666004)(478600001)(107886003)(26005)(1076003)(2616005)(2906002)(4326008)(8676002)(8936002)(66946007)(66556008)(66476007)(6916009)(316002)(5660300002)(41300700001)(86362001)(36756003)(38350700002)(38100700002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Go6Qsk5L41SyXzqgDW/RD2DijtSoI3S+QIzAcznX931d/r/JCAYmPC4iyXhU?= =?us-ascii?Q?kwnK29KGDbGj0+D3r6s7ykipqkjxmLaY4xQLcnUuFxIPL4fVtEYm0rnPKd+y?= =?us-ascii?Q?Sylb3XNWVmmORW/u0CCVcKKJ6rXgYlIef3WId8rYNqmHgKQofYSs9C0esfry?= =?us-ascii?Q?xSUQsUl1cCopMyNS5XGnSNVOJnlLHVlq0wPZiYK1slAm0YWCktCstr7CtGK7?= =?us-ascii?Q?dCWtObfjdaNNP0ywdq6z0vmxvrFSC8ZDEcUu69+g7lh38TvKlN/+ezL1sQAK?= =?us-ascii?Q?UZxDOrsLYbNk8QQOmTfiwiefeELiVL5r/VpoMYY4D6ODSDF8Olh8V4nzDkDx?= =?us-ascii?Q?r41U+BBWFvruXUPOM8To21LdFRk+v6jFQTi1raHUHr9S5VxSeR9R/izfglpE?= =?us-ascii?Q?DjXff1/4bSxIfNrR4RxSQjOGXIX936tlzNkFwRNJmQmSaZB3T9GrOhPn37A1?= =?us-ascii?Q?BFYGrjBPcwVHIU+MB/4ooZNyC0gMSFuTOLv1V5gxSvvvtcGVkWWYDhJCqtTC?= =?us-ascii?Q?AdtgDyKvdILanRmKyVeoTfzK281T+4Lf8/qiPTU7LkVZHtL6qzwDvvV6h9cC?= =?us-ascii?Q?x1dgJeo+jY3Ql5MtMDtv3QexpbeOhRwI6UyjS64veDgq1mv3ejXKpFW4k/mA?= =?us-ascii?Q?r+TCCfcf2Wblun8vY+7FVa9NJD/gOXzjM+V545nWUt9jrepOuBAbHcWqbjBF?= =?us-ascii?Q?xMB8l6jx/EBwqC7yp9i9IgtkpZKpTmA8OJRzcks53iGN0oklbJOme8iMZ5w0?= =?us-ascii?Q?X4J8Y4wQP7vZSxq+xJ5HaVshbJDcukusu2kmrypUEKhZIrQLmSycHuhImaHZ?= =?us-ascii?Q?SgcRacBki0B9cYZwd+j/d0f+lSYUWZJoDLl3+R2WgPaR53pMjdGb25oelSrV?= =?us-ascii?Q?KxPKuYv6UiDJ6JgkpFAHCbH0ilytlPuVL7nVYDpg5+CuzFYrX+Kfzan/1org?= =?us-ascii?Q?FN+znMM53dOpHa6n7gzB+5SoC0CdrEyTZNlC8705B9ID1Mzk+lY3ZMFZMc/8?= =?us-ascii?Q?9q7ExF2N3ckv1MJpCJv7lg1gTqNcC56xWwrMMa2N88rpxU+brhp0mIbWi/T5?= =?us-ascii?Q?XTPXK1Lxe7yWJWCLiKoNTCcHBaFWTnQpo1bOWuSS8KqY8GEzw1Qu5pDDWpnV?= =?us-ascii?Q?aDXNBOLnw+zpW0btCe8sGVkj7vNLqaicO/2VsPGb0P/AOJV9coN+Wgqhkb92?= =?us-ascii?Q?wbKWpmF9zXmFfId1GktYc2mH69acR3r2juFcDgte/jQVR0UQzvtRxdxVNsVh?= =?us-ascii?Q?qFLMP6J+KLySjsp6Im8VZHjLLYG74UaJ3lYxhyzeCaCQzGjQHdpJ5QsbAgo5?= =?us-ascii?Q?XmdzCn8QuiAf4MuNaDUaFQ2TPACL4AaJ4rElovmQwCLQGBPZFeLzZND/OsaG?= =?us-ascii?Q?9kLoTYr5hfmmkwARrEapiDX3ndGJtFkrGqxRBe2QD7Kc4xbkqYL+DsVLqPzX?= =?us-ascii?Q?EIJl5Gey9xcFLDhmvkzcflEFmoZz46iyK4aXjJXAmk//ZiIRJx7ryh1uaIpv?= =?us-ascii?Q?z/bEtSQH+tONJhVzVwwGOJqgVBfkTJe/CioHZDQiUXAUT153xmhAzgMLxI+n?= =?us-ascii?Q?/9D9u+5iANdpTxAY4yIVl+kPuZc9AzQu0GSq4AAz?= X-OriginatorOrg: verity.net X-MS-Exchange-CrossTenant-Network-Message-Id: 3ade3cb1-d6a1-4d3b-1b8e-08dbb4735cdb X-MS-Exchange-CrossTenant-AuthSource: GV0P278MB0784.CHEP278.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Sep 2023 16:06:17.6663 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 06487c72-7d88-4632-bf56-071603defa0a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: jG2rdStu6RxX0fjpFF8EQjQMMV8Uy7zZuDUR6NFNgyGZU5fR0DOLl7gZFKk6p03p+WwV5B/ClfzdAdP/2XRx3g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV0P278MB0928 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-1.8 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH 1/3] RFC: ptxd_make_world: Extract CPE for packages X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Simon Falsig Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false From: Simon Falsig If a package specifies a CPE, this is extracted into the fast report for that package. If no CPE is specified, then no value is added. The CPE (Common Platform Enumerator) allows matching CVEs to specific packages, and see if these apply to a specific deployment. --- rules/post/ptxd_make_world_common.make | 1 + scripts/lib/ptxd_make_world_report.sh | 1 + 2 files changed, 2 insertions(+) diff --git a/rules/post/ptxd_make_world_common.make b/rules/post/ptxd_make_world_common.make index 08120607a..6c646fb16 100644 --- a/rules/post/ptxd_make_world_common.make +++ b/rules/post/ptxd_make_world_common.make @@ -78,6 +78,7 @@ world/env/impl = \ pkg_PKG="$(call ptx/escape,$(1))" \ pkg_pkg="$(call ptx/escape,$($(1)))" \ pkg_version="$(call ptx/escape,$($(1)_VERSION))" \ + pkg_cpe="$(call ptx/escape,$($(1)_CPE))" \ pkg_config="$(call ptx/escape,$($(1)_CONFIG))" \ pkg_ref_config="$(call ptx/escape,$($(1)_REF_CONFIG))" \ pkg_path="$(call ptx/escape,$($(1)_PATH))" \ diff --git a/scripts/lib/ptxd_make_world_report.sh b/scripts/lib/ptxd_make_world_report.sh index dbdae5736..2bfe4c201 100644 --- a/scripts/lib/ptxd_make_world_report.sh +++ b/scripts/lib/ptxd_make_world_report.sh @@ -39,6 +39,7 @@ ptxd_make_world_report_yaml() { do_list "rundeps:" "${pkg_run_deps}" do_echo "config:" "${pkg_config}" do_echo "version:" "${pkg_version}" + do_echo "cpe:" "${pkg_cpe}" do_list "url:" "${pkg_url}" do_echo "md5:" "${pkg_md5}" do_echo "source:" "${pkg_src}" -- 2.25.1