[OE-core] [PATCH 1/4] cve-update-db: New recipe to update CVE database
Kevin Weng
t-keweng at microsoft.com
Tue Jul 9 23:58:59 UTC 2019
Hi Pierre,
I found that the hash function is causing collisions in the generated database such that some CVEs are being overwritten because of the UNIQUE constraint on the HASH column. For example, CVE-2018-1000873 has the same hash of 623198722 as CVE-2018-18338. This results in one of the two CVEs not appearing in the database.
--
Kevin Weng
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20190709/fd431d3b/attachment.html>
More information about the Openembedded-core
mailing list