new file mode 100644

@@ -0,0 +1,12 @@

+diff -rupr a/src/update.c b/src/update.c

+--- a/src/update.c	2016-08-26 18:12:25.000000000 +0000

+@@ -188,7 +188,7 @@ static bool nvdcve_data_ok(const char *m

+                 snprintf(&csum_data[idx], len, "%02hhx", digest[i]);

+         }

+ 

+-        ret = streq(csum_meta, csum_data);

++        ret = !strcasecmp(csum_meta, csum_data);

+ 

+ err_unmap:

+         munmap(buffer, length);

@@ -1,7 +1,7 @@

 Summary:        cve-check-tool, as its name suggests, is a tool for checking known (public) CVEs.

 Name:           cve-check-tool

 Version:        5.6.4.1

-Release:        8%{?dist}

+Release:        9%{?dist}

 Source0:        cve-check-tool-%{version}.tar.gz

 %define sha1    cve-check-tool=880719673907f5e69ece5180e762611fa66f4ae2

 Source1:        packages-mapping.cfg

@@ -11,6 +11,7 @@ Patch2:         0003-Add-N-M-mapping-support.-Invert-key-values.patch

 Patch3:         0004-Mapping-supports-vendor-product-combination.patch

 Patch4:         0005-Concatenate-update-to-the-version-for-jdk-jre.patch

 Patch5:         0006-Search-for-CVE-xxxx-xxxx-comment-in-.spec-parser.patch

+Patch6:		0007-String-ignoring-case.patch

 License:        GPLv2

 URL:            https://github.com/ikeydoherty/cve-check-tool

 Vendor:         VMware, Inc.

@@ -40,6 +41,7 @@ The tool will identify potentially vunlnerable software packages within Linux di

 %patch3 -p1

 %patch4 -p1

 %patch5 -p1

+%patch6 -p1

 %build

 ./autogen.sh

@@ -64,6 +66,8 @@ rm -rf %{buildroot}/*

 %doc %{_mandir}/man1/*

 %changelog

+*   Wed Apr 26 2017 Siju Maliakkal <smaliakkal@vmware.com> 5.6.4.1-9

+-   Added the patch for ignoring case of digest digits

 *   Thu Apr 06 2017 Anish Swaminathan <anishs@vmware.com> 5.6.4.1-8

 -   Remove vault entry from package mapping file

 *   Thu Dec 22 2016 Alexey Makhalov <amakhalov@vmware.com> 5.6.4.1-7