]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 620d69e) | patch
cve-check: CPE version '-' as all version
authorLee Chee Yang <chee.yang.lee@intel.com>
Tue, 31 Mar 2020 07:26:03 +0000 (15:26 +0800)
committerArmin Kuster <akuster808@gmail.com>
Sun, 17 May 2020 16:01:23 +0000 (09:01 -0700)
commit1d06fedf46c8f67fccde7a00d7199d7052c33b30
tree273086b0f4664c44431ce24f155856b5c3e820b1tree | snapshot
parent620d69e7ad0d0c40ecd135e48f96aaf368c7f242commit | diff
cve-check: CPE version '-' as all version

CPE version could be '-' to mean no version info.
Current cve_check treat it as not valid and does not report these
CVE but some of these could be a valid vulnerabilities.

Since non-valid CVE can be whitelisted, so treat '-' as all version
and report all these CVE to capture possible vulnerabilities.

Non-valid CVE to be whitelisted separately.

[YOCTO #13617]

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c69ee3594079589d27c10db32bc288566ebde9ef)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/classes/cve-check.bbclass diff | blob | history
meta/recipes-core/meta/cve-update-db-native.bb diff | blob | history
Mirror of the official openembedded-core repository