From ace6eaefab07683b9cde5a0e236d67971c443fbe Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 19 May 2020 14:35:30 +0200 Subject: [PATCH 1/2] Fix NVTs list in CVE details The CVE matching in init_cve_nvt_iterator was not strict enough to exclude CVE-IDs where the selected one is a prefix of another one, e.g. CVE-2019-12345 could be included when looking up CVE-2019-1234. --- src/manage_sql_nvts.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index ad9c41dad..00e4fd48c 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -758,11 +758,14 @@ init_cve_nvt_iterator (iterator_t* iterator, const char *cve, int ascending, init_iterator (iterator, "SELECT %s" " FROM nvts" - " WHERE cve %s '%%%s%%'" + " WHERE cve %s '%%%s, %%'" + " OR cve %s '%%%s'" " ORDER BY %s %s;", nvt_iterator_columns (), sql_ilike_op (), cve ? cve : "", + sql_ilike_op (), + cve ? cve : "", sort_field ? sort_field : "name", ascending ? "ASC" : "DESC"); } From c8930c77d8ff2938b6f2639def25818f5f04199e Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 19 May 2020 15:05:36 +0200 Subject: [PATCH 2/2] Add CHANGELOG entry for CVE NVTs --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cfaef04fa..a754cb672 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [9.0.2] (unreleased) + +### Fixed +- Fix NVTs list in CVE details [#1098](https://github.com/greenbone/gvmd/pull/1098) + +[9.0.2]: https://github.com/greenbone/gvmd/compare/v9.0.1...gvmd-9.0 + ## [9.0.1] (2020-05-12) ### Added