diff options
Diffstat (limited to 'meta/recipes-core/meta/cve-update-db-native.bb')
| -rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index cf62e1e32c..b073936298 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb @@ -138,14 +138,24 @@ def parse_node_and_insert(c, node, cveId): for cpe in node.get('cpe_match', ()): if not cpe['vulnerable']: return - cpe23 = cpe['cpe23Uri'].split(':') + cpe23 = cpe.get('cpe23Uri') + if not cpe23: + return + cpe23 = cpe23.split(':') + if len(cpe23) < 6: + return vendor = cpe23[3] product = cpe23[4] version = cpe23[5] + if cpe23[6] == '*' or cpe23[6] == '-': + version_suffix = "" + else: + version_suffix = "_" + cpe23[6] + if version != '*' and version != '-': # Version is defined, this is a '=' match - yield [cveId, vendor, product, version, '=', '', ''] + yield [cveId, vendor, product, version + version_suffix, '=', '', ''] elif version == '-': # no version information is available yield [cveId, vendor, product, version, '', '', ''] |