support/scripts/cve.py: use proper CPE ID version when available

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-11-27 15:33:28 +08:00 · 2021-04-12 21:41:25 +02:00 · 2021-04-12 21:41:25 +02:00 · d06bf96097
commit d06bf96097
parent 5e37992132
1 changed files with 5 additions and 0 deletions
--- a/support/scripts/cve.py
+++ b/support/scripts/cve.py
@ -229,6 +229,11 @@ class CVE:
        # if we don't have a cpeid, build one based on name and version
        if not cpeid:
            cpeid = "cpe:2.3:*:*:%s:%s:*:*:*:*:*:*:*" % (name, version)
+        # if we have a cpeid, use its version instead of the package
+        # version, as they might be different due to
+        # <pkg>_CPE_ID_VERSION
+        else:
+            pkg_version = distutils.version.LooseVersion(cpe_version(cpeid))

        for cpe in self.each_cpe():
            if not cpe_matches(cpe['id'], cpeid):