summaryrefslogtreecommitdiffstats
path: root/LICENSE.MIT
diff options
context:
space:
mode:
authorMatsunaga-Shinji <shin.matsunaga@fujitsu.com>2023-11-29 11:19:15 +0900
committerRichard Purdie <richard.purdie@linuxfoundation.org>2023-12-02 17:18:57 +0000
commit291bc9e96a1fa60b036c7b99cd9c3822bfd92caa (patch)
treed8ba7812e7fc9c8fbec9b74a9460954576a37c75 /LICENSE.MIT
parent2364a81460bd676fe9a67d642ab4e197f8ad68f5 (diff)
downloadpoky-291bc9e96a1fa60b036c7b99cd9c3822bfd92caa.tar.gz
cve-check: Modify judgment processing using "=" in version comparison
Judgment processing of vulnerable using "=" compares characters as strings rather than numbers, and misjudges "cases that do not match in strings but do match in numbers" as "Patched". (e.g. PV = "1.2.0" and Vulnerabilities Affected Versions (registered with NVD) = "1.2") Therefore, if the comparison operator used in the judgment processing of vulnerable is "=", add numeric comparison processing. (From OE-Core rev: a1989e4197178c2431ceca499e0b4876b233b131) Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com> Signed-off-by: Shunsuke Tokumoto <s-tokumoto@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'LICENSE.MIT')
0 files changed, 0 insertions, 0 deletions