Allow feature specific whitelists #188

Open
wants to merge 2 commits into
base: master

Commits on Dec 9, 2022

  1. Allow vulnerabilities to be whitelisted by feature name

    This change allows specific CVEs to be whitelisted when they affect a
    specific feature. This is useful when a feature embeds a vulnerable
    component, but uses it in a way that is not affected by the
    vulnerability - and the user wants to ensure the CVE does not affect
    other features (such as the OS Distribution's own package that
    distributes the component).
    
    See https://security-tracker.debian.org/tracker/CVE-2019-8457 for a
    motivating example. Users may want to whitelist CVE-2019-8457 in the
    context of the db5.3 package, but still be confident that sqlite3 has
    been patched.
    allonhadaya-maven committed Dec 9, 2022
    efc735a
  2. 19ba17a
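
The scoping that the first commit message describes, as an added example that is not code from this pull request: CVE-2019-8457 is accepted for db5.3 but still reported for sqlite3, and whitelist entries that match no finding are surfaced so they can be retired. The whitelist layout, the `apply_whitelist` name and the sample findings are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    feature: str  # feature (package) name the scanner attributes the CVE to
    cve: str


# Hypothetical whitelist layout (an assumption, not the project's format):
# "general" applies to every feature, "features" only to the named feature.
WHITELIST = {
    "general": set(),
    "features": {"db5.3": {"CVE-2019-8457"}},
}

# Constructed sample scan result: the same CVE reported against two features.
FINDINGS = [
    Finding("db5.3", "CVE-2019-8457"),
    Finding("sqlite3", "CVE-2019-8457"),
]


def apply_whitelist(findings, whitelist):
    """Return (unapproved findings, whitelist entries that matched nothing)."""
    general = whitelist.get("general", set())
    per_feature = whitelist.get("features", {})
    used = set()
    unapproved = []
    for f in findings:
        if f.cve in general:
            used.add(("*", f.cve))
        elif f.cve in per_feature.get(f.feature, set()):
            used.add((f.feature, f.cve))
        else:
            # Not whitelisted for this feature, even if whitelisted for another.
            unapproved.append(f)
    declared = {("*", c) for c in general} | {
        (feat, c) for feat, cves in per_feature.items() for c in cves
    }
    # Entries that suppressed nothing are stale and should be reviewed.
    return unapproved, sorted(declared - used)


if __name__ == "__main__":
    unapproved, stale = apply_whitelist(FINDINGS, WHITELIST)
    for f in unapproved:
        print(f"unapproved: {f.cve} in {f.feature}")
    for scope, cve in stale:
        print(f"stale whitelist entry: {cve} (scope {scope})")
```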