support/scripts/cve.py: use proper CPE ID version when available
authorThomas Petazzoni <thomas.petazzoni@bootlin.com>
Mon, 12 Apr 2021 19:41:25 +0000 (21:41 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sun, 18 Apr 2021 16:20:27 +0000 (18:20 +0200)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
support/scripts/cve.py

index 965fc2a466f7751bebac6b4ca10c7d05a56d44b0..13c29fabe0c1a1667d01cf4c33dc92289e8e634a 100755 (executable)
@@ -229,6 +229,11 @@ class CVE:
         # if we don't have a cpeid, build one based on name and version
         if not cpeid:
             cpeid = "cpe:2.3:*:*:%s:%s:*:*:*:*:*:*:*" % (name, version)
+        # if we have a cpeid, use its version instead of the package
+        # version, as they might be different due to
+        # <pkg>_CPE_ID_VERSION
+        else:
+            pkg_version = distutils.version.LooseVersion(cpe_version(cpeid))
 
         for cpe in self.each_cpe():
             if not cpe_matches(cpe['id'], cpeid):
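Review bot: The new `else:` branch overwrites `pkg_version` with whatever `cpe_version(cpeid)` returns, without checking that the CPE ID's version field holds a concrete version. If that field is `*` or `-`, or a string that LooseVersion cannot order against the CVE's version bounds, the later range comparison could raise or misclassify the package. In a CVE checker, a misclassification can mean a vulnerable package is reported as unaffected. I would fall back to the package version in that case, e.g. `cpe_ver = cpe_version(cpeid)` followed by `if cpe_ver not in ("*", "-"): pkg_version = distutils.version.LooseVersion(cpe_ver)` inside the `else:`. The enclosing method starts and ends outside this hunk, so I cannot confirm from here whether a later check already handles unparsable versions.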