cve-check: CPE version '-' as all version - linux/poky.git

diff options

author	Lee Chee Yang <chee.yang.lee@intel.com>	2020-03-31 15:26:03 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-04-29 16:11:56 +0100
commit	73738879a282e3a39c5753024ed363b27e704416 (patch)
tree	1fb2ae3d715435e615062b3f1951492184c08888 /meta/classes/own-mirrors.bbclass
parent	74f229160c7f4037107c1dad8f0d02128c080a7e (diff)
download	poky-73738879a282e3a39c5753024ed363b27e704416.tar.gz

cve-check: CPE version '-' as all version

CPE version could be '-' to mean no version info. Current cve_check treat it as not valid and does not report these CVE but some of these could be a valid vulnerabilities. Since non-valid CVE can be whitelisted, so treat '-' as all version and report all these CVE to capture possible vulnerabilities. Non-valid CVE to be whitelisted separately. [YOCTO #13617] (From OE-Core rev: 1e8e188514584f9f972c0eb733c10a61853ec3d0) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c69ee3594079589d27c10db32bc288566ebde9ef) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/classes/own-mirrors.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: