• v0.3.0 fb2ae7d903

    checker: suppress CVE warnings for vendor-backported OpenSSH fixes

    nemunaire released this 2026-06-18 07:55:19 +00:00 | 0 commits to master since this release

    Distributions backport security fixes without bumping the upstream
    OpenSSH version, so a banner like "OpenSSH_9.2p1 Debian-2+deb12u3" was
    wrongly flagged for regreSSHion despite carrying the fix.

    Thread the banner vendor comment into analyseBannerVulns and add a
    per-CVE VendorFixes table recording the earliest patched package
    revision per distro/upstream version. Revisions are compared with a
    faithful port of dpkg's verrevcmp ordering. Populated for CVE-2024-6387
    from DSA-5724-1 (Debian) and USN-6859-1 (Ubuntu).
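The revision check described in this commit message, sketched as an added example; it is not the project's code. Go, the names `order`, `verrevcmp`, `vendorFixes` and `patched`, and the table shape are assumptions, and the single table entry is a constructed sample taken from the banner quoted above.

```go
package main

import "strings"

// order is dpkg's character weight: '~' sorts before everything (even end of
// string), end of string and digits weigh 0, letters come before other bytes.
func order(c byte) int {
	switch {
	case c == '~':
		return -1
	case c == 0 || ('0' <= c && c <= '9'):
		return 0
	case 'a' <= c|0x20 && c|0x20 <= 'z':
		return int(c)
	}
	return int(c) + 256
}

// verrevcmp orders two revision strings like dpkg: <0, 0 or >0.
func verrevcmp(a, b string) int {
	notDigit := func(r rune) bool { return r < '0' || r > '9' }
	a, b = a+"\x00", b+"\x00" // NUL sentinel, like the C string terminator
	for a[0] != 0 || b[0] != 0 {
		for ; order(a[0]) != 0 || order(b[0]) != 0; a, b = a[1:], b[1:] {
			if d := order(a[0]) - order(b[0]); d != 0 {
				return d // non-digit runs compare byte by byte
			}
		}
		x, y := strings.TrimLeft(a, "0"), strings.TrimLeft(b, "0")
		n, m := strings.IndexFunc(x, notDigit), strings.IndexFunc(y, notDigit)
		if d := strings.Compare(x[:n], y[:m]); n != m || d != 0 {
			return 2*(n-m) + d // longer digit run wins, then digit order
		}
		a, b = x[n:], y[m:]
	}
	return 0
}

// vendorFixes: "vendor/upstream version" -> earliest patched revision (constructed sample).
var vendorFixes = map[string]string{"Debian/9.2p1": "2+deb12u3"}

// patched is true only when the banner's vendor revision is at or past a
// recorded fix; banners with no or unknown vendor comment stay flagged.
func patched(banner string) bool {
	ver, comment, _ := strings.Cut(strings.TrimPrefix(banner, "OpenSSH_"), " ")
	vendor, rev, _ := strings.Cut(comment, "-")
	fix, known := vendorFixes[vendor+"/"+ver]
	return known && verrevcmp(rev, fix) >= 0
}

func main() { println(patched("OpenSSH_9.2p1 Debian-2+deb12u3")) }
```

A plain string comparison would rank `2+deb12u10` below `2+deb12u3`; comparing digit runs numerically avoids that false positive.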
