Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ingest git versions from OSS-Fuzz #1029

Open
ziadhany opened this issue Dec 6, 2022 · 0 comments
Open

ingest git versions from OSS-Fuzz #1029

ziadhany opened this issue Dec 6, 2022 · 0 comments
Labels
Data collection

Comments

@ziadhany
Copy link
Collaborator

ziadhany commented Dec 6, 2022

OSS-Fuzz uses the OSV schema, the problem is that most of the versions are the Git version. #897
For example this: https://github.com/google/oss-fuzz-vulns/blob/74db2f2bc96e82a54e371e940384c825bcb32de4/vulns/openexr/OSV-2021-1420.yaml

  - type: GIT
    repo: https://github.com/AcademySoftwareFoundation/openexr
    events:
    - introduced: 40eb606dc5e8b04b7634f8a4a15f44b4e2044191
    - fixed: f68dc195ef2079793e2ea68f089adca902f0a4d8
    - fixed: e86910cb1fa2cd4e555bdb3c04b69eda28c74547
    - introduced: 57b05e055c7065ac5873f64e42350449be1eccb8
    - fixed: 666e2064d10445c501d48544d2d4566c304015c7

  database_specific:
    fixed_range: 481bde4b2584ef018cca4a6538062efd0d5d0b88:e86910cb1fa2cd4e555bdb3c04b69eda28c74547

https://ossf.github.io/osv-schema/#affectedrangestype-field

aboutcode-org/univers#85
@TG1999 TG1999 added this to the v34.0.0 milestone Jan 13, 2023
@TG1999 TG1999 removed this from the v34.0.0 milestone Jan 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Data collection
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ziadhany @TG1999