
Re: [Xen-devel] [PATCH OSSTEST] Add a weekly coverity flight



On Mon, 2016-01-04 at 16:47 +0000, Ian Jackson wrote:
> Ian Campbell writes ("[PATCH OSSTEST] Add a weekly coverity flight"):
> > Move collectversions into Osstest::BuildSupport rather than
> > duplicating with ts-xen-build (nothing else is really duplicated)
> 
> This could profitably be split into a separate patch IMO.
> 
> > For the cr-* integration we treat branch=coverity as a special case of
> > tree=xen. I didn't think tree=coverity made much sense, and would
> > probably reach tendrils into lots of other places (such as the
> > invocations of check_tested).
> > 
> > TODO: How to pick $c{CoverityEmail}, needs to be a real email which is
> > in coverity project (which security@xxxxxxx used here is not)
> 
> I don't have an answer to this but perhaps osstest-admin@xenproject ?
> Or will it get lots of annoying output ? (We could filter it to make
> it go to osstest-output I guess...)

It's not lots of output, but it will contain potential security
vulnerabilities.

In principle it should only contain newly introduced vulnerabilities, which
we would obviously fix before releasing, but:

a) We might not notice but someone more nefarious might

b) Some kinds of changes can cause previously discovered (but not fixed)
issues to be re-reported


> > +CoverityEmail security@xxxxxxx
> > +CoverityTools cov-analysis-linux64-7.7.0.4.tar.gz
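Review bot: the CoverityEmail default on the first added line is the address the TODO in the commit message says is not in the Coverity project, so as written it does not meet the requirement stated there. Because the output can contain potential security vulnerabilities, the replacement should be an address with restricted readership rather than a general output list. The CoverityTools line hard-codes the tarball name cov-analysis-linux64-7.7.0.4.tar.gz with no comment on where the file is expected to be found or how it is obtained; that is worth documenting next to the setting.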
> 
> This file needs a DEPLOYMENT NOTE I think.

Yes.

> 
> The rest of this looks OK. A review from Andrew Cooper might be
> worthwhile ?
> 
> Ian.
