fix: fix xerces CPE ID

apache:xerces-c has been deprecated in favor of apache-xerces-c\+\+
since February 2023:

<cpe-item name="cpe:/a:apache:xerces-c:3.1.1" deprecated="true" deprecation_date="2023-02-05T21:10:01.860Z">
      <reference href="https://marc.info/?l=xerces-c-users&amp;m=157653840106914&amp;w=2">Advisory</reference>
      <reference href="https://xerces.apache.org/xerces-c/releases_archive.html">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3:a:apache:xerces-c:3.1.1:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3:a:apache:xerces-c\+\+:3.1.1:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <[email protected]>

Author: ffontaine

cve_bin_tool/checkers/xerces.py

@@ -6,7 +6,7 @@
 CVE checker for libxerces
 
 References:
-http://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-4103/Apache-Xerces-c-.html
+https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&orderBy=2.3&keyword=cpe%3A2.3%3Aa%3Aapache%3Axerces-c%5C%2B%5C%2B&status=FINAL
 
 RSS feed: http://www.cvedetails.com/vulnerability-feed.php?vendor_id=45&product_id=4103&version_id=&orderby=2&cvssscoremin=0
 """
@@ -20,4 +20,4 @@ class XercesChecker(Checker):
         r"\/xerces-c-src_([0-9]+_[0-9]+_[0-9]+)\/",
         r"xercesc_([0-9]+\_[0-9]+):",
     ]
-    VENDOR_PRODUCT = [("apache", "xerces-c")]
+    VENDOR_PRODUCT = [("apache", "xerces-c\+\+")]

test/test_data/xerces.py

@@ -3,7 +3,7 @@
 
 mapping_test_data = [
     {
-        "product": "xerces-c",
+        "product": "xerces-c\+\+",
         "version": "3.1.1",
         "version_strings": ["/xerces-c-src_3_1_1/"],
     }
@@ -12,7 +12,7 @@
     {
         "url": "http://mirror.centos.org/centos/7/os/x86_64/Packages/",
         "package_name": "xerces-c-3.1.1-10.el7_7.x86_64.rpm",
-        "product": "xerces-c",
+        "product": "xerces-c\+\+",
         "version": "3.1",
     }
 ]