cve-update-db-native: handle all-wildcard versions

If a CPE version field is just *:*:*:* it should be handled the same as
-:*:*:*, that is 'all versions'.  To ease handling, transform this case
to use -.

(From OE-Core rev: ff17ef98ff7ff0bfac9f647c0833f5b7b6d6fdd6)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 04a9bc4ca5294fe6834513669c7746a824d12b04)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-core/meta/cve-update-db-native.bb

@@ -166,7 +166,12 @@ def parse_node_and_insert(c, node, cveId):
                     op_end = '<'
                     v_end = cpe['versionEndExcluding']
 
-                yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
+                if op_start or op_end or v_start or v_end:
+                    yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
+                else:
+                    # This is no version information, expressed differently.
+                    # Save processing by representing as -.
+                    yield [cveId, vendor, product, '-', '', '', '']
 
     c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator())