Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(redhat): support affected CPE list in OVAL v2 #101

Merged
merged 39 commits into from
Jan 28, 2022
+3,182 −1,286
Merged

feat(redhat): support affected CPE list in OVAL v2 #101

Changes from 1 commit
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
cfb0c6a
feat(redha): store CPEs
knqyf263 Jan 14, 2021
97724e5
feat(redhat): support affected CPE list in OVAL
knqyf263 Jan 14, 2021
a36b6b5
feat(github): support GITHUB_REPOSITORY
knqyf263 Jan 14, 2021
6e44d76
feat(redhat): filter fixed vulnerabilities
knqyf263 Jan 14, 2021
8a08424
fix(db): do not create a bucket
knqyf263 Jan 14, 2021
5f78775
feat(redhat): add VendorID
knqyf263 Jan 14, 2021
2968c5b
fix(redhat-oval): handle empty values
knqyf263 Jan 17, 2021
e24bad1
feat(redhat): add cve URL
knqyf263 Jan 17, 2021
d50cbab
feat(vulnsrc): sort updater
knqyf263 Jan 17, 2021
f86f06e
test(redhat-oval): add testdata
knqyf263 Jan 18, 2021
cb973f0
test(db): add utilities
knqyf263 Jan 18, 2021
8349b49
test(db): update the mock
knqyf263 Jan 18, 2021
9772093
refactor(db): remove %w
knqyf263 Jan 18, 2021
b0ee349
fix(redhat-oval): do not use -including-unpatched
knqyf263 Jan 18, 2021
7291df4
fix(redhat-oval): check http status code
knqyf263 Jan 18, 2021
3dd9ef3
feat(redhat-oval): add the option to pass mapping URL
knqyf263 Jan 18, 2021
a1f84fd
test(redhat-oval): remove mocks
knqyf263 Jan 18, 2021
52c2d14
test(redhat): fix tests
knqyf263 Jan 18, 2021
30afff5
fix(vulnsrc): remove advisory-detail bucket for light db
knqyf263 Jan 18, 2021
97f1fbc
test(redhat-oval): add cpe
knqyf263 Jan 18, 2021
c64024c
test: rename testdata
knqyf263 Jan 19, 2021
a66a884
fix(redhat-oval): skip non-unique RHSA
knqyf263 Jan 19, 2021
ad8d906
fix(redhat_cpe): do not return an error
knqyf263 Jan 19, 2021
1cbb498
Merge branch 'main' into feat/add_content_sets
knqyf263 Nov 18, 2021
d0151c2
feat: change VendorID to VendorIDs
knqyf263 Nov 18, 2021
9b87596
Merge branch 'main' into feat/add_content_sets
knqyf263 Dec 26, 2021
a9e6312
refactor: support recursive advisory details
knqyf263 Dec 26, 2021
a412047
test: no need to maintain safety-db anymore
knqyf263 Dec 26, 2021
ee3085b
refactor: change the signature of PutAdvisoryDetail
knqyf263 Dec 26, 2021
c556ff3
fix(redhat): remove advisories from Security Data API
knqyf263 Dec 28, 2021
19a0780
feat: add util packages
knqyf263 Dec 28, 2021
589182b
feat: take nested buckets
knqyf263 Dec 28, 2021
ac526e0
refactor
knqyf263 Dec 28, 2021
2599a02
feat: introduce cpe indices
knqyf263 Dec 28, 2021
5a35d1d
test(redhat): update
knqyf263 Dec 28, 2021
c2eb909
test: fix error msgs
knqyf263 Dec 28, 2021
8d71551
refactor(redhat): remove unused variables
knqyf263 Dec 28, 2021
247bbe0
Merge branch 'main' into feat/add_content_sets
knqyf263 Jan 28, 2022
e999761
test(redhat): sort results
knqyf263 Jan 28, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix(redhat-oval): do not use -including-unpatched
  • Loading branch information
@knqyf263
knqyf263 committed Jan 18, 2021
commit b0ee34932ac960589fb2546308e74085f2574fc5
7 changes: 6 additions & 1 deletion pkg/vulnsrc/redhat-oval/redhat-oval.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ const (
// the same bucket name as Red Hat Security Data API
platformFormat = "Red Hat Enterprise Linux %s"

rhelFileFormat = "rhel-%s-including-unpatched"
rhelFileFormat = "rhel-%s"
)

var (
Expand Down Expand Up @@ -68,6 +68,11 @@ func (vs VulnSrc) Update(dir string) error {
continue
}

// Skip unpatched vulnerabilities until OVAL v2 includes necessary information
if strings.Contains(f.Name(), "-including-unpatched") {
continue
}

parsedDetails, err := parseOVALStream(filepath.Join(versionDir, f.Name()))
if err != nil {
return xerrors.Errorf("failed to parse OVAL stream: %w", err)
Expand Down