Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-5112

Clair does not account for epoch in Amazon Linux vulnerabilities

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Undefined
    • clair-4.6.1
    • None
    • clair
    • False
    • None
    • False
    • 0

    Description

      Amazon Linux vulnerabilities account for the package's epoch, which is not considered in Clair at this time. The epoch is account for when scanning rpm packages, but not when retrieving the vulnerability data.

      Attachments

        Activity

          People

            rtannenb@redhat.com Ross Tannenbaum
            rtannenb@redhat.com Ross Tannenbaum
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: