Add the find-cve-backports script (!50) · Merge requests · Red Hat / centos-stream / src / kernel / Utilities / Kernel Tools

Wander Lairson Costa requested to merge walac/tools:find-cve-backport into main Mar 17, 2023

The Linux Kernel does not distinguish between security fixes and regular bug fixes in its policy. As a result, downstream kernels face a challenge in tracking the necessary backports for security fixes. While many innovative Machine Learning-based approaches exist for identifying security patches, for a short-term solution, we are implementing a straightforward string-matching mechanism.

This MR adds the find-cve-backports script. It looks at upstream patches not in downstream which are possible security fixes.

Signed-off-by: Wander Lairson Costa wander@redhat.com

Edited Mar 29, 2023 by Wander Lairson Costa

Add the find-cve-backports script

Merge request reports