Merge ~sahnaseredini/ubuntu-cve-tracker:amir-dev-oval-pkgcve-imp into ubuntu-cve-tracker:master
Proposed by
Amir Naseredini
Status: | Merged |
---|---|
Merged at revision: | 125c97eedd4e3c3d03ab57ef30325d1383bb5242 |
Proposed branch: | ~sahnaseredini/ubuntu-cve-tracker:amir-dev-oval-pkgcve-imp |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
140 lines (+15/-34) 2 files modified
scripts/generate-oval (+13/-22) scripts/oval_lib.py (+2/-12) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Eduardo Barretto | Approve | ||
David Fernandez Gonzalez | Approve | ||
Review via email: mp+461623@code.launchpad.net |
Commit message
addressing the issues with regards to SEC-3844 and SEC-3846
Description of the change
this update should fix the unexpected results cause from adding `--expand` as
well as having some performance improvements
To post a comment you must log in.
Hey Amir, thanks for approaching this! I found an issue:
'--oval-releases esm-apps/bionic esm-infra/bionic bionic --expand' only generates esm-apps because of 'out_releases = set(out_releases) - parent_releases'. If any parent releases are part of the selected output releases, those will be removed.
If expand is provided, whatever releases the user provided in the CLI should be generated, so you could ignore the 'out_releases = set(out_releases) - parent_releases' part completely.