Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE related normalization #367

Open
11 of 24 tasks
AMDmi3 opened this issue May 14, 2020 · 1 comment
Open
11 of 24 tasks

CVE related normalization #367

AMDmi3 opened this issue May 14, 2020 · 1 comment
Labels
normalization Huge package group normalization tasks

Comments

@AMDmi3
Copy link
Member

AMDmi3 commented May 14, 2020
edited
Loading

Introducting vulnerabilities support revealed some inconsistencies which should be fixed in order to be able to properly match package versions to CPE versions attached to CVE entries. Some emails or bug reports are being sent out, and some normalization rules may need to be changed here when I get replies.
@AMDmi3 AMDmi3 added the normalization Huge package group normalization tasks label May 14, 2020
@AMDmi3 AMDmi3 mentioned this issue May 14, 2020
Open
15 tasks
@AMDmi3
Copy link
Member Author

AMDmi3 commented May 22, 2020

NVD answered by mails regarding neomutt and golang, neomutt versions were already fixed. It seems that they are open to contributions, so incorrect data in NVD will be fixed eventually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
normalization Huge package group normalization tasks
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AMDmi3