Hello
Since year, the Software Data Signature of OpenJDK software was changed from File Based to Rule Based.
On the master.zsai and Unix.zsai signature files version August 2022, the Software Data signature of OpenJDK software were file and rule based.
On these files, I see many Release / Versions and for each version a list of files with signature.
On the master.zsai and Unix.zsai signature files version December 2023, the Software Data signature of OpenJDK software are rule based.
The rules are based on the name of RPM packages for Linux, MSI package for Windows, ...
The problem is I have many servers, mostly Linux servers, where OpenJDK is not deployed from RPM package. So for these servers, the scanner does not discover the OpenJDK installation.
As workaround, I create a custom SAI file with the old Software signature (from August 2022).
So now I can discover all the OpenJDK installation with existing version in the old software signature file.
But I can't discover OpenJDK installation of release highter than 15 that are not installed from RPM packages. Because I have only the file based signature for release lower than 15.
Does anyone have a solution to get around this problem ?