cve-check: rewrite look to fix false negatives
A previous optimisation was premature and resulted in false-negatives in the report. Rewrite the checking algorithm to first get the list of potential CVEs by vendor:product, then iterate through every matching CPE for that CVE to determine if the bounds match or not. By doing this in two stages we can know if we've checked every CPE, instead of accidentally breaking out of the scan too early. (From OE-Core rev: d61aff9e) Signed-off-by:Ross Burton <ross.burton@intel.com> Signed-off-by:
Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by:
Armin Kuster <akuster808@gmail.com>
Loading
Please register or sign in to comment