fix: fix xerces CPE ID

apache:xerces-c has been deprecated in favor of apache-xerces-c\+\+
since February 2023:

<cpe-item name="cpe:/a:apache:xerces-c:3.1.1" deprecated="true" deprecation_date="2023-02-05T21:10:01.860Z">
      <reference href="https://marc.info/?l=xerces-c-users&amp;m=157653840106914&amp;w=2">Advisory</reference>
      <reference href="https://xerces.apache.org/xerces-c/releases_archive.html">Version</reference>
    <cpe-23:cpe23-item name="cpe:2.3:a:apache:xerces-c:3.1.1:*:*:*:*:*:*:*">
        <cpe-23:deprecated-by name="cpe:2.3:a:apache:xerces-c\+\+:3.1.1:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>

Signed-off-by: Fabrice Fontaine <[email protected]>

Author: ffontaine

cve_bin_tool/checkers/xerces.py

@@ -20,4 +20,4 @@ class XercesChecker(Checker):
         r"\/xerces-c-src_([0-9]+_[0-9]+_[0-9]+)\/",
         r"xercesc_([0-9]+\_[0-9]+):",
     ]
-    VENDOR_PRODUCT = [("apache", "xerces-c\+\+")]
+    VENDOR_PRODUCT = [("apache", "xerces-c\\+\\+")]

test/test_data/xerces.py

@@ -3,7 +3,7 @@
 
 mapping_test_data = [
     {
-        "product": "xerces-c\+\+",
+        "product": "xerces-c\\+\\+",
         "version": "3.1.1",
         "version_strings": ["/xerces-c-src_3_1_1/"],
     }
@@ -12,7 +12,7 @@
     {
         "url": "http://mirror.centos.org/centos/7/os/x86_64/Packages/",
         "package_name": "xerces-c-3.1.1-10.el7_7.x86_64.rpm",
-        "product": "xerces-c\+\+",
+        "product": "xerces-c\\+\\+",
         "version": "3.1",
     }
 ]