Changes in Update Released on 10-Feb-2022
This Update includes the changes described in the following sections.
Issues/Bugs Addressed
The following issues were addressed in the Update:
| Issue ID | Issue Summary |
|---|---|
| SCA-40131 | Fixing false positive component_cpe mappings |
| SCA-40004 | Fix for "Unable to load or add component version libssh 0.7.3" |
| SCA-39146 | GPL 3.0 or later and GPL 3.0 Only - both licenses are reported when the source clearly has only one SPDX ID |
| SCA-38096 | Fixing redirecting urls for clojars collector |
Addition of Missing Vulnerability Mappings
Missing vulnerability mappings for the following components were added:
-
mosquitto
-
lwip
-
folly
-
matio
-
libheif
-
manageiq
-
redis
Addition of License Detection Capability and License Evidence Mechanism
License detection capability and license evidence mechanism was added for the following licenses:
-
D-FSL-1.0
-
diffmark
-
DigiRule-FOSS-exception
-
Dotseqn
-
DSDP
New/Update Component Requests
-
windowsazure.servicebus
-
microsoft.azure.servicebus.eventprocessorhost
-
mesa
-
sharpmimetools