fdellwing
commented
2 years ago Ubuntu 20 already has a fixed version, as its typical, not that easy to parse:
0.105-26ubuntu1.1 => vulnerable 0.105-26ubuntu1.2 => fixed
Closed bcoles closed 2 years ago
fdellwing
commented
2 years ago Ubuntu 20 already has a fixed version, as its typical, not that easy to parse:
0.105-26ubuntu1.1 => vulnerable 0.105-26ubuntu1.2 => fixed
bcoles
commented
2 years ago Ubuntu 20 already has a fixed version, as its typical, not that easy to parse:
0.105-26ubuntu1.1 => vulnerable 0.105-26ubuntu1.2 => fixed
Linux Exploit Suggester errs more on the side of false positives than false negatives.
Trying to shove multiple different version strings (in multiple different formats for various different packages management systems with varying degrees of backporting) into a string for comparison was more tedious than I'd care to explore.
The version match in this PR ver<=0.105-31 is not 100% accurate either, but seemed like the best solution.
Thanks.