From: Peter Marko <peter.marko@siemens.com>
Date: Wed, 30 Oct 2024 18:49:50 +0000 (+0100)
Subject: cve-check: do not skip cve status description after :
X-Git-Tag: uninative-4.7~1024
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3c4d8ca41ac0b429af92bf0ea84f1dfd0cda9e1f;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

cve-check: do not skip cve status description after :

Correct maxsplit parameter from 5 to 4 to not drop text if
description contains ":".

Example:
>>> "detail: cpe:vendor:product:description:cont".split(':', 5)
['detail', ' cpe', 'vendor', 'product', 'description', 'xxx']
>>> "detail: cpe:vendor:product:description:cont".split(':', 4)
['detail', ' cpe', 'vendor', 'product', 'description:xxx']

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index 487f30dc251..268adfb528c 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -239,7 +239,7 @@ def decode_cve_status(d, cve):
     if not status:
         return {}
 
-    status_split = status.split(':', 5)
+    status_split = status.split(':', 4)
     status_out = {}
     status_out["detail"] = status_split[0]
     product = "*"