Merge ~litios/ubuntu-cve-tracker:oval/fix_broken_criteria into ubuntu-cve-tracker:master
Proposed by
David Fernandez Gonzalez
| Status: | Merged |
|---|---|
| Merge reported by: | David Fernandez Gonzalez |
| Merged at revision: | 2ce9e012bd027389b5bf836a2c7e4fc000218f0f |
| Proposed branch: | ~litios/ubuntu-cve-tracker:oval/fix_broken_criteria |
| Merge into: | ubuntu-cve-tracker:master |
| Diff against target: |
173 lines (+42/-22) 1 file modified
scripts/oval_lib.py (+42/-22) |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Paulo Flabiano Smorigo | Approve | ||
| Eduardo Barretto | Approve | ||
|
Review via email:
|
|||
Description of the change
This PR fixes several issues:
1. Prevent empty CVEs from being created when the affected packages have no valid binaries.
2. Properly set parent release priorities. A bug occurred where the status wasn't set correctly, making the results unpredictable.
3. Set the right version and status when there are parent releases involved.
1. If the status is vulnerable, use the top release with the latest available binaries.
2. If the status is fixed, find the parent in which it was fixed and use that.
To post a comment you must log in.
Revision history for this message
| David Fernandez Gonzalez (litios) wrote | # |
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
Diffs:
* Jammy: https:/
* Jammy OCI: https:/
* Bionic: https:/
* Bionic OCI: https:/
* ESM-apps Xenial: Too long for pastebin (Many esm-apps/xenial -> xenial, affects kernel too)
- Results diff: (None)