You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Motivation:
On CentOS, yum may download from RHEL RPM repository and install RHEL binary.
In this case, the binary is compiled for RHEL but compatible with CentOS.
Since it's a binary and compiled for RHEL, which may have compiler flag difference, there might be difference in the set of vulnerabilities. Moreover, the namespaces for RHEL vulnerabilities and CentOS vulnerabilities are different.
We should modify our core Clair logic to understand that a package may have absolute indication of the namespace, which may not detected by the namespace detectors.
For implementation, we should generalize matching from package to namespace to not only depend on the package manager.
Environment
Clair version/image: MASTER
The text was updated successfully, but these errors were encountered:
Description of Problem / Feature Request
First: This may not be an issue.
Motivation:
On CentOS, yum may download from RHEL RPM repository and install RHEL binary.
In this case, the binary is compiled for RHEL but compatible with CentOS.
Since it's a binary and compiled for RHEL, which may have compiler flag difference, there might be difference in the set of vulnerabilities. Moreover, the namespaces for RHEL vulnerabilities and CentOS vulnerabilities are different.
We should modify our core Clair logic to understand that a package may have absolute indication of the namespace, which may not detected by the namespace detectors.
For implementation, we should generalize matching from package to namespace to not only depend on the package manager.
Environment
The text was updated successfully, but these errors were encountered: