Commit 9948dd86 authored by Ross Burton, committed by Armin Kuster

cve-check: rewrite look to fix false negatives



A previous optimisation was premature and resulted in false-negatives in the report.

Rewrite the checking algorithm to first get the list of potential CVEs by
vendor:product, then iterate through every matching CPE for that CVE to
determine if the bounds match or not.  By doing this in two stages we can know
if we've checked every CPE, instead of accidentally breaking out of the scan too
early.

(From OE-Core rev: d61aff9e)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
parent 2ddf1c0b
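
The two-stage check described in the commit message, as an added example that is not the code from this commit or from OE-Core. The row layout, the simplified dotted-integer version parsing, the CVE ids and the `check_first_row_only` contrast function are all constructed assumptions for illustration.

```python
# Constructed sample rows: (cve_id, vendor, product, start, start_op, end, end_op).
# The field layout and the CVE ids are assumptions, not real database content.
ROWS = [
    ("CVE-0000-0001", "acme", "widget", "1.0", ">=", "1.2", "<"),
    ("CVE-0000-0001", "acme", "widget", "2.0", ">=", "2.5", "<="),
    ("CVE-0000-0002", "acme", "widget", "", "", "1.9", "<"),
    ("CVE-0000-0003", "acme", "gadget", "", "", "9.9", "<="),
]
OPS = {
    ">=": lambda a, b: a >= b, ">": lambda a, b: a > b,
    "<=": lambda a, b: a <= b, "<": lambda a, b: a < b,
}

def ver(s):
    """Parse a dotted numeric version into a comparable tuple (simplified)."""
    return tuple(int(p) for p in s.split("."))

def in_bounds(version, start, start_op, end, end_op):
    """True when version satisfies both bounds; an empty bound is unbounded."""
    v = ver(version)
    lower_ok = not start or OPS[start_op](v, ver(start))
    upper_ok = not end or OPS[end_op](v, ver(end))
    return lower_ok and upper_ok

def check(rows, vendor, product, version):
    """Two-stage check: candidates by vendor:product, then every CPE per CVE."""
    key = (vendor, product)
    # Stage 1: every CVE that names this vendor:product at all.
    candidates = sorted({r[0] for r in rows if (r[1], r[2]) == key})
    unpatched, patched = [], []
    for cve in candidates:
        # Stage 2: evaluate all matching CPE rows for this CVE.
        cpes = [r[3:] for r in rows if r[0] == cve and (r[1], r[2]) == key]
        if any(in_bounds(version, *cpe) for cpe in cpes):
            unpatched.append(cve)
        else:
            patched.append(cve)  # concluded only after all CPEs were checked
    return unpatched, patched

def check_first_row_only(rows, vendor, product, version):
    """Contrast case: decides each CVE from its first CPE row only."""
    seen, unpatched = set(), []
    for r in rows:
        if (r[1], r[2]) != (vendor, product) or r[0] in seen:
            continue
        seen.add(r[0])  # later CPE rows for this CVE are never examined
        if in_bounds(version, *r[3:]):
            unpatched.append(r[0])
    return unpatched
```

For version 2.1 the contrast function reports nothing, because the first CPE row of CVE-0000-0001 covers only 1.0 to 1.2, while the two-stage check reaches the second row and flags it.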