The CVE link rewriter only rewrites the first CVE number

RESOLVED INVALID

Status

()

bugzilla.mozilla.org
User Interface
RESOLVED INVALID
2 years ago
2 years ago

People

(Reporter: Away for a while, Assigned: dylan)

Tracking

Production

Details

(Reporter)

Description

2 years ago
See bug 1257645 (note the summary)
(Assignee)

Updated

2 years ago
Assignee: nobody → dylan
(Assignee)

Comment 1

2 years ago
This contains a normal hyphen: CVE-2016-2324
and this contains a non-breaking hyphen: CVE‑2016‑2315

So the fix is to allow either.
Status: NEW → ASSIGNED
(In reply to Dylan William Hardison [:dylan] from comment #1)
> This contains a normal hyphen: CVE-2016-2324
> and this contains a non-breaking hyphen: CVE‑2016‑2315
> 
> So the fix is to allow either.

Or just replace the non-compliant one, which I just did ;)
(Assignee)

Comment 3

2 years ago
it's pretty trivial to test for the unicode property Dash_Punctuation (\p{Pd}), so I just pushed that to dev (to make sure it works on perl 5.10). I can't find any reference from mitre that says it *has* to be U+002D HYPHEN-MINUS.
(Assignee)

Comment 4

2 years ago
Yup, we can in fact use \p{Pd}, however mitre doesn't support that.
We *could* s/\p{Pd}/-/; but that would be silly. Resolving as invalid seems to be best.
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.