diff options
Diffstat (limited to 'meta/recipes-core/meta/cve-update-db-native.bb')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index cf62e1e32c..b073936298 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -138,14 +138,24 @@ def parse_node_and_insert(c, node, cveId): | |||
138 | for cpe in node.get('cpe_match', ()): | 138 | for cpe in node.get('cpe_match', ()): |
139 | if not cpe['vulnerable']: | 139 | if not cpe['vulnerable']: |
140 | return | 140 | return |
141 | cpe23 = cpe['cpe23Uri'].split(':') | 141 | cpe23 = cpe.get('cpe23Uri') |
142 | if not cpe23: | ||
143 | return | ||
144 | cpe23 = cpe23.split(':') | ||
145 | if len(cpe23) < 6: | ||
146 | return | ||
142 | vendor = cpe23[3] | 147 | vendor = cpe23[3] |
143 | product = cpe23[4] | 148 | product = cpe23[4] |
144 | version = cpe23[5] | 149 | version = cpe23[5] |
145 | 150 | ||
151 | if cpe23[6] == '*' or cpe23[6] == '-': | ||
152 | version_suffix = "" | ||
153 | else: | ||
154 | version_suffix = "_" + cpe23[6] | ||
155 | |||
146 | if version != '*' and version != '-': | 156 | if version != '*' and version != '-': |
147 | # Version is defined, this is a '=' match | 157 | # Version is defined, this is a '=' match |
148 | yield [cveId, vendor, product, version, '=', '', ''] | 158 | yield [cveId, vendor, product, version + version_suffix, '=', '', ''] |
149 | elif version == '-': | 159 | elif version == '-': |
150 | # no version information is available | 160 | # no version information is available |
151 | yield [cveId, vendor, product, version, '', '', ''] | 161 | yield [cveId, vendor, product, version, '', '', ''] |