mirror of
https://git.yoctoproject.org/meta-security
synced 2026-01-12 15:10:46 +00:00
0fc645a946
NVD entries for the Linux kernel are almost always outdated. For example, https://nvd.nist.gov/vuln/detail/CVE-2018-1065 is shown as matched for "versions up to (including) 4.15.7", however the patch 57ebd808a97d has been back ported for 4.14. By default, it checks NVD Resource entries for the patch URLs and looks for the commits in the local GIT tree. Additionaly ("--resource") it checks other resources, that may have up-to-date CVE data. You can combine resources and decide which one you want to be based on. Signed-off-by: grygorii tertychnyi <gtertych@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>