mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-23 00:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

cve-update-db-native: handle all-wildcard versions

Browse Source 
If a CPE version field is just *:*:*:* it should be handled the same as
-:*:*:*, that is 'all versions'.  To ease handling, transform this case
to use -.

(From OE-Core rev: 04a9bc4ca5294fe6834513669c7746a824d12b04)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
2020-11-24 12:57:24 +00:00
committed by Richard Purdie
parent 3ecf5d9692
commit 22dea63874
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
meta/recipes-core/meta/cve-update-db-native.bb
View File

@@ -172,7 +172,12 @@ def parse_node_and_insert(c, node, cveId):
op_end = '<'
v_end = cpe['versionEndExcluding']
yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
if op_start or op_end or v_start or v_end:
yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
else:
# This is no version information, expressed differently.
# Save processing by representing as -.
yield [cveId, vendor, product, '-', '', '', '']
c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator())