Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(mariner): add support for CBL-Mariner #1640

Merged
merged 9 commits into from
Jan 29, 2022
Merged

feat(mariner): add support for CBL-Mariner #1640

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
419b89e
docs(mariner) support new os detector
masahiro331 Jan 29, 2022
9360135
feat(mariner) add CBL-Mariner detector
masahiro331 Jan 29, 2022
d0b197b
test(mariner) wip add CBL-Mariner integration test
masahiro331 Jan 29, 2022
2691b63
test(integration): update vulnerability info
knqyf263 Jan 29, 2022
7d73405
test(integration): update golden files
masahiro331 Jan 29, 2022
de4d6df
docs(data-source) fix garbage data
masahiro331 Jan 29, 2022
2e7ec24
test(integration) add docker engine and client&server tests
masahiro331 Jan 29, 2022
3e7edaf
chore(mariner) fix comment
masahiro331 Jan 29, 2022
0aca717
test(mariner) fix test
masahiro331 Jan 29, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ Failures: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
# Features

- Comprehensive vulnerability detection
- OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
- OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
- **Language-specific packages** (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
- Misconfiguration detection (IaC scanning)
- A wide variety of built-in policies are provided **out of the box**
Expand Down
4 changes: 2 additions & 2 deletions docs/getting-started/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ See [Integrations][integrations] for details.
## Features

- Comprehensive vulnerability detection
- [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
- [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
- [**Language-specific packages**][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
- Detect IaC misconfigurations
- A wide variety of [built-in policies][builtin] are provided **out of the box**:
Expand Down Expand Up @@ -80,4 +80,4 @@ Please see [LICENSE][license] for Trivy licensing information.
[podman]: ../advanced/container/podman.md

[oci]: https://github.com/opencontainers/image-spec
[license]: https://github.com/aquasecurity/trivy/blob/main/LICENSE
[license]: https://github.com/aquasecurity/trivy/blob/main/LICENSE
2 changes: 2 additions & 0 deletions docs/vulnerability/detection/data-source.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
| AlmaLinux | [AlmaLinux Product Errata][alma] |
| Rocky Linux | [Rocky Linux UpdateInfo][rocky] |
| Oracle Linux | [OVAL][oracle] |
| CBL-Mariner | [OVAL][mariner] |
| OpenSUSE/SLES | [CVRF][suse] |
| Photon OS | [Photon Security Advisory][photon] |

Expand Down Expand Up @@ -58,6 +59,7 @@
[oracle]: https://linux.oracle.com/security/oval/
[suse]: http://ftp.suse.com/pub/projects/security/cvrf/
[photon]: https://packages.vmware.com/photon/photon_cve_metadata/
[mariner]: https://github.com/microsoft/CBL-MarinerVulnerabilityData/

[php-ghsa]: https://github.com/advisories?query=ecosystem%3Acomposer
[python-ghsa]: https://github.com/advisories?query=ecosystem%3Apip
Expand Down
1 change: 1 addition & 0 deletions docs/vulnerability/detection/os.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ The unfixed/unfixable vulnerabilities mean that the patch has not yet been provi
| AlmaLinux | 8 | Installed by yum/rpm | NO |
| Rocky Linux | 8 | Installed by yum/rpm | NO |
| Oracle Linux | 5, 6, 7, 8 | Installed by yum/rpm | NO |
| CBL-Mariner | 1.0, 2.0 | Installed by yum/rpm | YES |
| Amazon Linux | 1, 2 | Installed by yum/rpm | NO |
| openSUSE Leap | 42, 15 | Installed by zypper/rpm | NO |
| SUSE Enterprise Linux | 11, 12, 15 | Installed by zypper/rpm | NO |
Expand Down
4 changes: 2 additions & 2 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,13 @@ require (
github.com/Masterminds/sprig v2.22.0+incompatible
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986
github.com/aquasecurity/fanal v0.0.0-20220128133114-3519fe6e6c21
github.com/aquasecurity/fanal v0.0.0-20220129174924-b9e05fcccc57
github.com/aquasecurity/go-dep-parser v0.0.0-20211224170007-df43bca6b6ff
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce
github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798
github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46
github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492
github.com/aquasecurity/trivy-db v0.0.0-20220128150422-5c53ef8a797d
github.com/aquasecurity/trivy-db v0.0.0-20220129175002-a5adda5ac069
github.com/caarlos0/env/v6 v6.0.0
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/cheggaaa/pb/v3 v3.0.3
Expand Down
8 changes: 4 additions & 4 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -243,8 +243,8 @@ github.com/aquasecurity/cfsec v0.2.2 h1:hq6MZlg7XFZsrerCv297N4HRlnJM7K6LLd/l/xCz
github.com/aquasecurity/cfsec v0.2.2/go.mod h1:sUELRJqIPXTOZiHUx7TzyyFFzuk0W22IG6IWAoV8T6U=
github.com/aquasecurity/defsec v0.0.37 h1:zdZndlKrW257b8VLK1UwfmXiyPuDrNA+wzBilHRk1LA=
github.com/aquasecurity/defsec v0.0.37/go.mod h1:csaBEcJ3AKy44expnW0dCANEZcS/c1vcJjwBCbnKWBM=
github.com/aquasecurity/fanal v0.0.0-20220128133114-3519fe6e6c21 h1:7nx6j3boy7oawbPvkp2Vma9OvovZWIGvzJw80w1e71E=
github.com/aquasecurity/fanal v0.0.0-20220128133114-3519fe6e6c21/go.mod h1:aU+dKT2D+DLsTEmy/axt19XEIXayz0V9giXCwiypCgQ=
github.com/aquasecurity/fanal v0.0.0-20220129174924-b9e05fcccc57 h1:/xe+XRO1uQXebv6y1XIM9424XQXVnVZ1dr+V4clegHA=
github.com/aquasecurity/fanal v0.0.0-20220129174924-b9e05fcccc57/go.mod h1:aU+dKT2D+DLsTEmy/axt19XEIXayz0V9giXCwiypCgQ=
github.com/aquasecurity/go-dep-parser v0.0.0-20211224170007-df43bca6b6ff h1:JCKEV3TgUNh9fn+8hXyIdsF9yErA0rUbCkgt2flRKt4=
github.com/aquasecurity/go-dep-parser v0.0.0-20211224170007-df43bca6b6ff/go.mod h1:8fJ//Ob6/03lxbn4xa1F+G/giVtiVLxnZNpBp5xOxNk=
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM=
Expand All @@ -260,8 +260,8 @@ github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516 h1:moQmzbp
github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516/go.mod h1:gTd97VdQ0rg8Mkiic3rPgNOQdprZ7feTAhiD5mGQjgM=
github.com/aquasecurity/tfsec v0.63.1 h1:KH63HTcUoab7d3PKtqFO6T8K5AY7bzLw7Kiu+EY9U64=
github.com/aquasecurity/tfsec v0.63.1/go.mod h1:g5ZWmsfqW1FsCaPb9ux8Pzjcyss/WUB2XuRd5slqvnc=
github.com/aquasecurity/trivy-db v0.0.0-20220128150422-5c53ef8a797d h1:vwK774PmorLkSsL/K4WUa9Y9Tn/5Ksmolv8UGHh0Wjc=
github.com/aquasecurity/trivy-db v0.0.0-20220128150422-5c53ef8a797d/go.mod h1:BOulYmf+l2bd+Bjo3tTsdnbWCsh5UsJn1MqdiZzmm/Q=
github.com/aquasecurity/trivy-db v0.0.0-20220129175002-a5adda5ac069 h1:TYG76ClrtBiunB43Hme+ahszJfm0E+og+JQsEEMrHbk=
github.com/aquasecurity/trivy-db v0.0.0-20220129175002-a5adda5ac069/go.mod h1:BOulYmf+l2bd+Bjo3tTsdnbWCsh5UsJn1MqdiZzmm/Q=
github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
Expand Down
7 changes: 7 additions & 0 deletions integration/client_server_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,13 @@ func TestClientServer(t *testing.T) {
},
golden: "testdata/photon-30.json.golden",
},
{
name: "CBL-Mariner 1.0",
args: csArgs{
Input: "testdata/fixtures/images/mariner-1.0.tar.gz",
},
golden: "testdata/mariner-1.0.json.golden",
},
{
name: "buxybox with Cargo.lock",
args: csArgs{
Expand Down
6 changes: 6 additions & 0 deletions integration/docker_engine_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,12 @@ func TestDockerEngine(t *testing.T) {
input: "testdata/fixtures/images/photon-30.tar.gz",
golden: "testdata/photon-30.json.golden",
},
{
name: "CBL-Mariner 1.0",
imageTag: "cblmariner.azurecr.io/base/core:1.0",
input: "testdata/fixtures/images/mariner-1.0.tar.gz",
golden: "testdata/mariner-1.0.json.golden",
},
{
name: "busybox with Cargo.lock",
imageTag: "busy-cargo:latest",
Expand Down
10 changes: 9 additions & 1 deletion integration/standalone_tar_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -216,13 +216,21 @@ func TestTar(t *testing.T) {
golden: "testdata/opensuse-leap-151.json.golden",
},
{
name: "photon 3.0 integration",
name: "photon 3.0",
testArgs: args{
Format: "json",
Input: "testdata/fixtures/images/photon-30.tar.gz",
},
golden: "testdata/photon-30.json.golden",
},
{
name: "CBL-Mariner 1.0",
testArgs: args{
Format: "json",
Input: "testdata/fixtures/images/mariner-1.0.tar.gz",
},
golden: "testdata/mariner-1.0.json.golden",
},
{
name: "buxybox with Cargo.lock integration",
testArgs: args{
Expand Down
10 changes: 7 additions & 3 deletions integration/testdata/almalinux-8.json.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,16 +85,21 @@
},
"References": [
"http://www.openwall.com/lists/oss-security/2021/08/26/2",
"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json",
"https://access.redhat.com/security/cve/CVE-2021-3712",
"https://crates.io/crates/openssl-src",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12",
"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10366",
"https://linux.oracle.com/cve/CVE-2021-3712.html",
"https://linux.oracle.com/errata/ELSA-2021-9632.html",
"https://linux.oracle.com/errata/ELSA-2022-9023.html",
"https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html",
"https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html",
"https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"https://rustsec.org/advisories/RUSTSEC-2021-0098.html",
"https://security.netapp.com/advisory/ntap-20210827-0010/",
"https://ubuntu.com/security/notices/USN-5051-1",
"https://ubuntu.com/security/notices/USN-5051-2",
Expand All @@ -105,8 +110,7 @@
"https://www.openssl.org/news/secadv/20210824.txt",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"https://www.tenable.com/security/tns-2021-16",
"https://www.tenable.com/security/tns-2022-02",
"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json"
"https://www.tenable.com/security/tns-2022-02"
],
"PublishedDate": "2021-08-24T15:15:00Z",
"LastModifiedDate": "2022-01-06T09:15:00Z"
Expand Down
4 changes: 4 additions & 0 deletions integration/testdata/alpine-310-registry.json.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,7 @@
}
},
"References": [
"https://access.redhat.com/security/cve/CVE-2019-1549",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be",
"https://linux.oracle.com/cve/CVE-2019-1549.html",
Expand Down Expand Up @@ -152,6 +153,7 @@
"References": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html",
"http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html",
"https://access.redhat.com/security/cve/CVE-2019-1551",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98",
Expand Down Expand Up @@ -217,6 +219,7 @@
}
},
"References": [
"https://access.redhat.com/security/cve/CVE-2019-1549",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be",
"https://linux.oracle.com/cve/CVE-2019-1549.html",
Expand Down Expand Up @@ -276,6 +279,7 @@
"References": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html",
"http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html",
"https://access.redhat.com/security/cve/CVE-2019-1551",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98",
Expand Down
8 changes: 8 additions & 0 deletions integration/testdata/alpine-310.gitlab.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@
}
],
"links": [{
"url": "https://access.redhat.com/security/cve/CVE-2019-1549"
},{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549"
},{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be"
Expand Down Expand Up @@ -108,6 +110,8 @@
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html"
},{
"url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html"
},{
"url": "https://access.redhat.com/security/cve/CVE-2019-1551"
},{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551"
},{
Expand Down Expand Up @@ -197,6 +201,8 @@
}
],
"links": [{
"url": "https://access.redhat.com/security/cve/CVE-2019-1549"
},{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549"
},{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be"
Expand Down Expand Up @@ -272,6 +278,8 @@
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html"
},{
"url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html"
},{
"url": "https://access.redhat.com/security/cve/CVE-2019-1551"
},{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551"
},{
Expand Down
4 changes: 4 additions & 0 deletions integration/testdata/alpine-310.html.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,7 @@
<td class="pkg-version">1.1.1c-r0</td>
<td>1.1.1d-r0</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/security/cve/CVE-2019-1549">https://access.redhat.com/security/cve/CVE-2019-1549</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549</a>
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be</a>
<a href="https://linux.oracle.com/cve/CVE-2019-1549.html">https://linux.oracle.com/cve/CVE-2019-1549.html</a>
Expand Down Expand Up @@ -129,6 +130,7 @@
<td class="links" data-more-links="off">
<a href="http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html">http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html</a>
<a href="http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html">http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html</a>
<a href="https://access.redhat.com/security/cve/CVE-2019-1551">https://access.redhat.com/security/cve/CVE-2019-1551</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551</a>
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f</a>
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98</a>
Expand Down Expand Up @@ -165,6 +167,7 @@
<td class="pkg-version">1.1.1c-r0</td>
<td>1.1.1d-r0</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/security/cve/CVE-2019-1549">https://access.redhat.com/security/cve/CVE-2019-1549</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549</a>
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be</a>
<a href="https://linux.oracle.com/cve/CVE-2019-1549.html">https://linux.oracle.com/cve/CVE-2019-1549.html</a>
Expand Down Expand Up @@ -195,6 +198,7 @@
<td class="links" data-more-links="off">
<a href="http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html">http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html</a>
<a href="http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html">http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html</a>
<a href="https://access.redhat.com/security/cve/CVE-2019-1551">https://access.redhat.com/security/cve/CVE-2019-1551</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551</a>
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f</a>
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98</a>
Expand Down
Loading