]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 17eb078) | patch
cve-update-nvd2-native: handle all configuration nodes, not just first
authorRoss Burton <ross.burton@arm.com>
Fri, 23 Jun 2023 12:32:49 +0000 (13:32 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 27 Jun 2023 15:23:34 +0000 (16:23 +0100)
commite1bf4f6dd686055fe9a8bdcc3f739eac2807bae0
tree5c2d6bd070e415d3b98eca9caa5e88aab47e496dtree | snapshot
parent17eb07885147a06bf7bdd43f7869fe4411be80a0commit | diff
cve-update-nvd2-native: handle all configuration nodes, not just first

Some CVEs, such as CVE-2013-6629, list multiple configurations which are
vulnerable. The current JSON parser only considers the first
configuration.

Instead, consider every configuration. We don't yet handle the AND/OR
logical operators, but this is a step in the right direction.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/meta/cve-update-nvd2-native.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core