EDIT: Changing this issue to be more generic about questions about debsecan's inner workings.
[ ] Is binary_package being used?
[ ] Should we check for vulnerabilities using the version only, or also check all of the versions in the other_versions array?
The original debsecan tool for debian CVE listing works with an attribute "binary_package", as well as an array of source_packages per binary_package.
However as far as I can tell this is not used in any way. There are no vulnerabilities where binary_package is true, so I removed the functionality before even committing it.
# In the VulnerabilityParser class
def binary_packages
@packages ||= parse_binary_packages
end
def parse_binary_packages
vulnerability_data.split(/\n\n/)[2].split(/\n/).each_with_object(Hash.new([])) do |package_string, packages|
package_name, source_packages_string = package_string.split(',', 2)
packages[package_name] = source_packages_string.split(' ')
end
end
EDIT: Changing this issue to be more generic about questions about debsecan's inner workings.
The original debsecan tool for debian CVE listing works with an attribute "binary_package", as well as an array of source_packages per binary_package.
However as far as I can tell this is not used in any way. There are no vulnerabilities where binary_package is true, so I removed the functionality before even committing it.
Here's my first attempt at the code: