172c3c7b |
From 8efe8675ad7055ad4ba7eef1c53c62eff501acb9 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Thu, 22 Dec 2016 23:33:02 -0800
Subject: [PATCH 5/6] Concatenate update to the version for jdk/jre
To have 1.8.0.102 instead of 1.8.0:update_102 for instance
---
src/core.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/src/core.c b/src/core.c
index d03f856..b3a72dd 100644
--- a/src/core.c
+++ b/src/core.c
@@ -285,6 +285,19 @@ static bool parse_vuln(char *cve_id, const xmlChar* inp, struct vulnerability_t
if (len > 4) {
version = g_strdup(splits[4]);
}
+
+ /*
+ * clue update to the version for jdk/jre to have 1.8.0.102 instead of
+ * 1.8.0:update_102 (CVE-2016-5582)
+ */
+ if ((len > 5) && (strcmp(vendor, "oracle") == 0) &&
+ ((strcmp(product, "jdk") == 0) || (strcmp(product, "jre") == 0)) &&
+ (strncmp(splits[5], "update_", 7) == 0)) {
+ gchar *tmp = version;
+ version = g_strdup_printf("%s.%s", tmp, splits[5]+7);
+ g_free(tmp);
+ }
+
g_strfreev(splits);
vuln->vendor = vendor;
--
2.10.1
|