From b1f5bdd8b2e0a42011e0e5fb039cb6c64a109e02 Mon Sep 17 00:00:00 2001
From: Takayuki Ushida <kiyukatadasiu@gmail.com>
Date: Sat, 20 Aug 2016 21:23:31 +0900
Subject: [PATCH] Fix CVE-ID is truncated to 4 digits

---
 scan/debian.go | 2 +-
 scan/redhat.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/scan/debian.go b/scan/debian.go
index f2bc27fd..75c02e49 100644
--- a/scan/debian.go
+++ b/scan/debian.go
@@ -589,7 +589,7 @@ func (o *debian) getCveIDParsingChangelog(changelog string,
 func (o *debian) parseChangelog(changelog string,
 	packName string, versionOrLater string) (cveIDs []string, err error) {
 
-	cveRe, _ := regexp.Compile(`(CVE-\d{4}-\d{4})`)
+	cveRe, _ := regexp.Compile(`(CVE-\d{4}-\d{4,})`)
 	stopRe, _ := regexp.Compile(fmt.Sprintf(`\(%s\)`, regexp.QuoteMeta(versionOrLater)))
 	stopLineFound := false
 	lines := strings.Split(changelog, "\n")
diff --git a/scan/redhat.go b/scan/redhat.go
index 23e23b91..e44f46c6 100644
--- a/scan/redhat.go
+++ b/scan/redhat.go
@@ -867,7 +867,7 @@ func (o *redhat) parseYumUpdateinfoHeaderAmazon(line string) (a models.DistroAdv
 }
 
 func (o *redhat) parseYumUpdateinfoLineToGetCveIDs(line string) []string {
-	re, _ := regexp.Compile(`(CVE-\d{4}-\d{4})`)
+	re, _ := regexp.Compile(`(CVE-\d{4}-\d{4,})`)
 	return re.FindAllString(line, -1)
 }