Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: enhance products with no identified vulnerabilities #3254

Merged
merged 3 commits into from
Aug 17, 2023
Merged

feat: enhance products with no identified vulnerabilities #3254

merged 3 commits into from
Aug 17, 2023

Commits on Aug 15, 2023

  1. feat: enhance products with no identified vulnerabilities 

    Currently, cve-bin-tool will return gnu:zlib in "Products with No
Identified Vulnerabilities" if zlib is found but not affected by
CVE-2016-9842 (i.e. zlib >= 1.2.9) because NVD NIST database contains
two CPE IDs for zlib (gnu:zlib and zlib:zlib)

With this update, product with multiple vendors will not be displayed
under above section if a CVE is found with one of the vendor.

Fix intel#3169

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
    @ffontaine
    ffontaine committed Aug 15, 2023
    Configuration menu
    Copy the full SHA
    60d75ef View commit details
    Browse the repository at this point in the history

  2. Merge branch 'main' into enhance-products-no-identified-vulns

    @ffontaine
    ffontaine committed Aug 15, 2023
    Configuration menu
    Copy the full SHA
    1e23704 View commit details
    Browse the repository at this point in the history

Commits on Aug 16, 2023

  1. Merge branch 'main' into enhance-products-no-identified-vulns

    @ffontaine
    ffontaine committed Aug 16, 2023
    Configuration menu
    Copy the full SHA
    8c72605 View commit details
    Browse the repository at this point in the history