Uploaded image for project: 'Security Data'
  1. Security Data
  2. SECDATA-26

Latest CPE in ocp4.x -including-unpatched files lists 4.9 for both RHEL7 and 8

    XMLWordPrintable

Details

    • Story
    • Resolution: Done
    • Undefined
    • None
    • None
    • oval
    • None
    • False
    • Hide

      None

      Show
      None
    • False

    Description

      The affected_cpe_list in the including-unpatched OCP 4 OVAL files lists these CPEs:

      $ rg 'cpe:' rhel7_openshift-4-including-unpatched.oval.xml | head -1
    <cpe>cpe:/a:redhat:openshift:4.9</cpe>
$ rg 'cpe:' rhel8_openshift-4-including-unpatched.oval.xml | head -1
    <cpe>cpe:/a:redhat:openshift:4.9</cpe>

      It should show the latest version of OCP 4, which at this point is 4.12. Fix the sorting mechanism that finds the latest versions to use int comparisons instead of string comparison.

      Attachments

        Activity

          People

            mprpic@redhat.com Martin Prpic
            mprpic@redhat.com Martin Prpic
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: