|
|
@@ -278,7 +278,7 @@ def cve_update(d, cve_data, cve, entry):
|
|
|
cve_data[cve] = entry
|
|
|
return
|
|
|
# If we are updating, there might be change in the status
|
|
|
- bb.debug("Trying CVE entry update for %s from %s to %s" % (cve, cve_data[cve]['abbrev-status'], entry['abbrev-status']))
|
|
|
+ bb.debug(1, "Trying CVE entry update for %s from %s to %s" % (cve, cve_data[cve]['abbrev-status'], entry['abbrev-status']))
|
|
|
if cve_data[cve]['abbrev-status'] == "Unknown":
|
|
|
cve_data[cve] = entry
|
|
|
return
|
|
|
@@ -289,16 +289,16 @@ def cve_update(d, cve_data, cve, entry):
|
|
|
if entry['status'] == "version-in-range" and cve_data[cve]['status'] == "version-not-in-range":
|
|
|
# New result from the scan, vulnerable
|
|
|
cve_data[cve] = entry
|
|
|
- bb.debug("CVE entry %s update from Patched to Unpatched from the scan result" % cve)
|
|
|
+ bb.debug(1, "CVE entry %s update from Patched to Unpatched from the scan result" % cve)
|
|
|
return
|
|
|
if entry['abbrev-status'] == "Patched" and cve_data[cve]['abbrev-status'] == "Unpatched":
|
|
|
if entry['status'] == "version-not-in-range" and cve_data[cve]['status'] == "version-in-range":
|
|
|
# Range does not match the scan, but we already have a vulnerable match, ignore
|
|
|
- bb.debug("CVE entry %s update from Patched to Unpatched from the scan result - not applying" % cve)
|
|
|
+ bb.debug(1, "CVE entry %s update from Patched to Unpatched from the scan result - not applying" % cve)
|
|
|
return
|
|
|
# If we have an "Ignored", it has a priority
|
|
|
if cve_data[cve]['abbrev-status'] == "Ignored":
|
|
|
- bb.debug("CVE %s not updating because Ignored" % cve)
|
|
|
+ bb.debug(1, "CVE %s not updating because Ignored" % cve)
|
|
|
return
|
|
|
bb.warn("Unhandled CVE entry update for %s from %s to %s" % (cve, cve_data[cve], entry))
|
|
|
|
Daniel Turull