diff options
author | Brecht Van Lommel <brecht@blender.org> | 2022-10-20 14:26:47 +0300 |
---|---|---|
committer | Brecht Van Lommel <brecht@blender.org> | 2022-10-20 14:57:45 +0300 |
commit | 0d7065504effe3fe7f1483e79e39162249fa5099 (patch) | |
tree | 1d1a31d3530423fa6f5e8618df9c9310fe4c93b2 /build_files/build_environment/cmake/cve_check.cmake | |
parent | 21deba56aaeccf94d83024a9de4eef49ea05984f (diff) |
Build: mark remaining CVEs reported by cve_check as mitigated or ignored
After the last library update cve_check still reported some false positives.
One GMP issues was mitigated with a patch in the library update. The others
are ignored, with a description explaining why they do not affect Blender.
Ref D16269, T101403
Diffstat (limited to 'build_files/build_environment/cmake/cve_check.cmake')
-rw-r--r-- | build_files/build_environment/cmake/cve_check.cmake | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/build_files/build_environment/cmake/cve_check.cmake b/build_files/build_environment/cmake/cve_check.cmake index dfb190bcffa..ac42444aef1 100644 --- a/build_files/build_environment/cmake/cve_check.cmake +++ b/build_files/build_environment/cmake/cve_check.cmake @@ -27,10 +27,12 @@ get_cmake_property(_variableNames VARIABLES) foreach (_variableName ${_variableNames}) if(_variableName MATCHES "CPE$") string(REPLACE ":" ";" CPE_LIST ${${_variableName}}) + string(REPLACE "_CPE" "_ID" CPE_DEPNAME ${_variableName}) list(GET CPE_LIST 3 CPE_VENDOR) list(GET CPE_LIST 4 CPE_NAME) list(GET CPE_LIST 5 CPE_VERSION) - set(SBOMCONTENTS "${SBOMCONTENTS}${CPE_VENDOR},${CPE_NAME},${CPE_VERSION}\n") + set(${CPE_DEPNAME} "${CPE_VENDOR},${CPE_NAME},${CPE_VERSION}") + set(SBOMCONTENTS "${SBOMCONTENTS}${CPE_VENDOR},${CPE_NAME},${CPE_VERSION},,,\n") endif() endforeach() configure_file(${CMAKE_SOURCE_DIR}/cmake/cve_check.csv.in ${CMAKE_CURRENT_BINARY_DIR}/cve_check.csv @ONLY) |