From 5988064ab89b2c16e6486a67c8d4946e7342f119 Mon Sep 17 00:00:00 2001 From: Michal Hocko Date: Mar 27 2024 12:54:15 +0000 Subject: scripts/check-kernel-fix: be more conservative when proposing branches to backport to non CVE patches If a kernel fix doesn't have any CVE assigned (e.g. a regular git-fixes candidate) then do not propose branches that have higher bar to accept changes (e.g. LTSS branches) --- diff --git a/scripts/check-kernel-fix b/scripts/check-kernel-fix index 4f752df..65c71d5 100755 --- a/scripts/check-kernel-fix +++ b/scripts/check-kernel-fix @@ -353,6 +353,11 @@ then bsc=$(cve2bugzilla $cve $refresh) cvss=$(cve2cvss $cve $refresh) echo "Security fix for $cve $bsc with CVSS ${cvss:-unknown}" +else + # emulate no CVE fix as CVSS==0. This will typically happen + # for upstream commit with Fixes: which we want to target to + # less conservative branches only + cvss=0 fi references="$cve $bsc"