Re: [OE-core] [PATCH 3/4] cve-update-nvd2-native: handle all configuration nodes, not just first

On Fri, 23 Jun 2023, 08:32 , wrote: > From: Ross Burton > > Some CVEs, such as CVE-2013-6629, list multiple configurations which are > vulnerable. The current JSON parser only considers the first > configuration. > > Instead, consider every configuration. We don't yet handle the AND/OR >

[OE-core] [PATCH 3/4] cve-update-nvd2-native: handle all configuration nodes, not just first

From: Ross Burton Some CVEs, such as CVE-2013-6629, list multiple configurations which are vulnerable. The current JSON parser only considers the first configuration. Instead, consider every configuration. We don't yet handle the AND/OR logical operators, but this is a step in the right