]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1fe434d) | patch
cve-update-nvd2-native: handle all configuration nodes, not just first
authorRoss Burton <ross.burton@arm.com>
Fri, 23 Jun 2023 12:32:49 +0000 (13:32 +0100)
committerSteve Sakoman <steve@sakoman.com>
Thu, 13 Jul 2023 16:54:58 +0000 (06:54 -1000)
commite521d6ce48d3b04eb2d53c710bba18593a908fe3
tree0202381049f3897b374549d955830504fad83eabtree
parent1fe434d42a3365f232b07864638128b7ac70f627commit | diff
cve-update-nvd2-native: handle all configuration nodes, not just first

Some CVEs, such as CVE-2013-6629, list multiple configurations which are
vulnerable. The current JSON parser only considers the first
configuration.

Instead, consider every configuration. We don't yet handle the AND/OR
logical operators, but this is a step in the right direction.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e1bf4f6dd686055fe9a8bdcc3f739eac2807bae0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-core/meta/cve-update-nvd2-native.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core