From: Lee Chee Yang <[email protected]> fix logic for CVE DB update so that when the CPE version is '-', it keeps the version as '-' in the DB file too and leave other operation as blank.
Signed-off-by: Lee Chee Yang <[email protected]> --- meta/recipes-core/meta/cve-update-db-native.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 497d957..f27ade4 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb @@ -138,6 +138,9 @@ def parse_node_and_insert(c, node, cveId): if version != '*' and version != '-': # Version is defined, this is a '=' match yield [cveId, vendor, product, version, '=', '', ''] + elif version == '-': + # no version information is available + yield [cveId, vendor, product, version, '', '', ''] else: # Parse start version, end version and operators op_start = '' -- 2.7.4
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#136956): https://lists.openembedded.org/g/openembedded-core/message/136956 Mute This Topic: https://lists.openembedded.org/mt/72722531/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
