-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gnutls file test added for version 2.3.11 #311
Conversation
@terriko I've removed those comments from the PR. |
@terriko @pdxjohnny I'd like to mention a problem with gnutls checker. The checker was unable to find the CVE's in the given version as you can see from the below output mastervulcan@DESKTOP-DMEM457:~/gsoc-cve-bin-tool$ cve-bin-tool ./testFilesCVE-bin-tool/gnutls-2.3.11/
Checking if CVE data needs an update.
Last Update: 2020-01-28
Local database has been updated in the past 24h.
New data not downloaded. Use "-u now" to force an update
Overall CVE summary:
There are 0 files with known CVEs detected where ./testFilesCVE-bin-tool/gnutls-2.3.11/ is the location where I've extracted gnutls-2.3.11.tar.bz2 file. The File test which I've written uses the same file. But the test said ok. |
@SinghHrmn That happens sometimes if it finds a version but doesn't find any CVEs associated with that version -- the file test checks if this is 2.3.11 as you said it was, but it doesn't look for CVEs. You can check to see what it thinks it found by using --log debug right now. If it's not finding anything, this might be a bug so please file an issue for it so we can investigate further. |
Hm, put some more thought into this:
If cve-bin-tool thinks for some reason that there are no CVEs in 2.3.11 exist, then what you're seeing would be normal behaviour. But 2.3.11 is pretty old, so I put it in a csv file to test and got some results. So that definitely looks like a bug.
|
Added gnutls file test for version 2.3.11. The 2.3.11 version was downloaded from the official gnutls website. All the test were fine. I've attached the test screenshot