Hi, On Fri, Jan 24, 2020 at 11:02:02AM +0200, Anders Montonen wrote: > Hi, > > What's the best way for handling name collisions when using the cve-checker > tool? For example, there's a ton of Adobe Flex vulnerabilities that are > reported against the Flex lexical analyzer generator tool. Whitelisting the > individual CVEs would be one option, but the list is pretty long.
Set CVE_PRODUCT to match real NVD product name with possibly vendor too. There are a few examples in poky master. Cheers, -Mikko > Regards, > Anders Montonen >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#48134): https://lists.yoctoproject.org/g/yocto/message/48134 Mute This Topic: https://lists.yoctoproject.org/mt/70066324/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
