-
Notifications
You must be signed in to change notification settings - Fork 574
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: adds ignore rules for kernel-headers indirect matches (#1787)
* fix: adds ignore rules for kernel-headers indirect matches Adds ignoring of kernel-headers indirect matches on kernel vulns since the kernel-headers package does not have the kernel code in it that kernel vulns are actually referring to. Adds a config value to control this ignore behavior that defaults to enabling the ignore rules. Fixes: 1762 * Adds ignore rule support for match types and upstream package names. * Adds default ignore rules for kernel-headers indirect matches on kernel for rpms. Signed-off-by: Zach Hill <[email protected]> * chore: add match-upstream-kernel-headers config to README.md Signed-off-by: Zach Hill <[email protected]> * chore: update match labels Signed-off-by: Keith Zantow <[email protected]> --------- Signed-off-by: Zach Hill <[email protected]> Signed-off-by: Keith Zantow <[email protected]> Co-authored-by: Keith Zantow <[email protected]>
- Loading branch information
Showing
7 changed files
with
378 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.