Add the find-cve-backports script
The Linux Kernel does not distinguish between security fixes and regular bug fixes in its policy. As a result, downstream kernels face a challenge in tracking the necessary backports for security fixes. While many innovative Machine Learning-based approaches exist for identifying security patches, for a short-term solution, we are implementing a straightforward string-matching mechanism.
This MR adds the find-cve-backports
script. It looks at upstream
patches not in downstream which are possible security fixes.
Signed-off-by: Wander Lairson Costa wander@redhat.com
Edited by Wander Lairson Costa