Markus Jansen
Markus Jansen
Added some tiny fixes and rephrasings in 180cc4c [1]. Please scrutinize as usual. [1] 180cc4c https://github.com/git/git.github.io/commit/180cc4cdfa44f5509f5d900d5053df820d129734
Sorry, Access from $work I difficult.
Sorry, Access from $work I difficult, but now established .. Feel free to leave out my hallucination regarding portability, or even the complete part in brackets.
We recently stumbled over a bunch of false positives with Debian/purls/OSV, using DT 4.12.2. N.B. I am by no means a Debian (versioning) expert. My $0.02 on the problem: 1....
@Andre-85 I delivered the distro query parameters only because Syft provides it (and did not include it for the other rules) IMHO 1. one problem is that the OSV rules...
IMHO they have some meaning _on top_ - let me try to explain the problem as - I understand it - another way. Starting from a look at https://osv.dev/vulnerability/CVE-2024-45491, I...
To my comment above, I have 2 related side notes: 1 . The "Affected: 2.\*" information supplied by Google should also result in version 1.\* or 3.\* not matching at...
Please keep in mind that OSV covers multiple input databases, and since 2025-10-01 uses complete namespace separation (à la DEBIAN-CVE-(.*) or CURL-CVE-\1, and CVE-\1 for the source) to separate vulnerability...