You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
EDIT: Changing this issue to be more generic about questions about debsecan's inner workings.
Is binary_package being used?
Should we check for vulnerabilities using the version only, or also check all of the versions in the other_versions array?
The original debsecan tool for debian CVE listing works with an attribute "binary_package", as well as an array of source_packages per binary_package.
However as far as I can tell this is not used in any way. There are no vulnerabilities where binary_package is true, so I removed the functionality before even committing it.
# In the VulnerabilityParser class
def binary_packages
@packages ||= parse_binary_packages
end
def parse_binary_packages
vulnerability_data.split(/\n\n/)[2].split(/\n/).each_with_object(Hash.new([])) do |package_string, packages|
package_name, source_packages_string = package_string.split(',', 2)
packages[package_name] = source_packages_string.split(' ')
end
end
The text was updated successfully, but these errors were encountered:
hannesfostie
changed the title
Binary / source package functionality
Debsecan functionality questions
Nov 3, 2014
EDIT: Changing this issue to be more generic about questions about debsecan's inner workings.
The original debsecan tool for debian CVE listing works with an attribute "binary_package", as well as an array of source_packages per binary_package.
However as far as I can tell this is not used in any way. There are no vulnerabilities where binary_package is true, so I removed the functionality before even committing it.
Here's my first attempt at the code:
The text was updated successfully, but these errors were encountered: