Imlement OVAL scan on Oracle Linux
This commit is contained in:
kota kanbe
@@ -19,6 +19,7 @@ package report
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
c "github.com/future-architect/vuls/config"
|
||||
"github.com/future-architect/vuls/models"
|
||||
@@ -158,17 +159,17 @@ func fillWithOval(r *models.ScanResult) (err error) {
|
||||
ovalClient = oval.NewCentOS()
|
||||
//use RedHat's OVAL
|
||||
ovalFamily = c.RedHat
|
||||
case c.Oracle:
|
||||
ovalClient = oval.NewOracle()
|
||||
ovalFamily = c.Oracle
|
||||
//TODO
|
||||
// case c.Oracle:
|
||||
// ovalClient = oval.New()
|
||||
// ovalFamily = c.Oracle
|
||||
// case c.Suse:
|
||||
// ovalClient = oval.New()
|
||||
// ovalFamily = c.Oracle
|
||||
case c.Amazon, c.Oracle, c.Raspbian, c.FreeBSD:
|
||||
case c.Amazon, c.Raspbian, c.FreeBSD:
|
||||
return nil
|
||||
default:
|
||||
return fmt.Errorf("Oval %s is not implemented yet", r.Family)
|
||||
return fmt.Errorf("OVAL for %s is not implemented yet", r.Family)
|
||||
}
|
||||
|
||||
ok, err := ovalClient.CheckIfOvalFetched(ovalFamily, r.Release)
|
||||
@@ -176,7 +177,8 @@ func fillWithOval(r *models.ScanResult) (err error) {
|
||||
return err
|
||||
}
|
||||
if !ok {
|
||||
util.Log.Warnf("OVAL entries of %s-%s are not found. It's recommended to use OVAL to improve scanning accuracy. To fetch OVAL, see https://github.com/kotakanbe/goval-dictionary#usage , Then report with --ovaldb-path or --ovaldb-url flag", r.Family, r.Release)
|
||||
major := strings.Split(r.Release, ".")[0]
|
||||
util.Log.Warnf("OVAL entries of %s %s are not found. It's recommended to use OVAL to improve scanning accuracy. To fetch OVAL, see https://github.com/kotakanbe/goval-dictionary#usage , Then report with --ovaldb-path or --ovaldb-url flag", ovalFamily, major)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -184,7 +186,6 @@ func fillWithOval(r *models.ScanResult) (err error) {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
util.Log.Infof("OVAL is fresh: %s-%s ", r.Family, r.Release)
|
||||
|
||||
if err := ovalClient.FillWithOval(r); err != nil {
|
||||
return err
|
||||
|
||||
@@ -233,14 +233,14 @@ func movable(v *gocui.View, nextY int) (ok bool, yLimit int) {
|
||||
}
|
||||
return true, yLimit
|
||||
case "detail":
|
||||
if currentDetailLimitY < nextY {
|
||||
return false, currentDetailLimitY
|
||||
}
|
||||
// if currentDetailLimitY < nextY {
|
||||
// return false, currentDetailLimitY
|
||||
// }
|
||||
return true, currentDetailLimitY
|
||||
case "changelog":
|
||||
if currentChangelogLimitY < nextY {
|
||||
return false, currentChangelogLimitY
|
||||
}
|
||||
// if currentChangelogLimitY < nextY {
|
||||
// return false, currentChangelogLimitY
|
||||
// }
|
||||
return true, currentChangelogLimitY
|
||||
default:
|
||||
return true, 0
|
||||
@@ -733,7 +733,7 @@ func setChangelogLayout(g *gocui.Gui) error {
|
||||
|
||||
type dataForTmpl struct {
|
||||
CveID string
|
||||
Cvsses []models.CveContentCvss
|
||||
Cvsses string
|
||||
Summary string
|
||||
Confidence models.Confidence
|
||||
Cwes []models.CveContentStr
|
||||
@@ -792,9 +792,23 @@ func detailLines() (string, error) {
|
||||
|
||||
summary := vinfo.Summaries(r.Lang, r.Family)[0]
|
||||
|
||||
table := uitable.New()
|
||||
table.MaxColWidth = maxColWidth
|
||||
table.Wrap = true
|
||||
scores := append(vinfo.Cvss3Scores(), vinfo.Cvss2Scores()...)
|
||||
var cols []interface{}
|
||||
for _, score := range scores {
|
||||
cols = []interface{}{
|
||||
score.Value.Severity,
|
||||
score.Value.Format(),
|
||||
score.Type,
|
||||
}
|
||||
table.AddRow(cols...)
|
||||
}
|
||||
|
||||
data := dataForTmpl{
|
||||
CveID: vinfo.CveID,
|
||||
Cvsses: append(vinfo.Cvss3Scores(), vinfo.Cvss2Scores()...),
|
||||
Cvsses: fmt.Sprintf("%s\n", table),
|
||||
Summary: fmt.Sprintf("%s (%s)", summary.Value, summary.Type),
|
||||
Confidence: vinfo.Confidence,
|
||||
Cwes: vinfo.CveContents.CweIDs(r.Family),
|
||||
@@ -817,9 +831,7 @@ const mdTemplate = `
|
||||
|
||||
CVSS Scores
|
||||
--------------
|
||||
{{range .Cvsses -}}
|
||||
* {{.Value.Severity}} {{.Value.Format}} ({{.Type}})
|
||||
{{end}}
|
||||
{{.Cvsses }}
|
||||
|
||||
Summary
|
||||
--------------
|
||||
|
||||
@@ -100,9 +100,9 @@ func formatShortPlainText(r models.ScanResult) string {
|
||||
|
||||
if len(vulns) == 0 {
|
||||
return fmt.Sprintf(`
|
||||
%s
|
||||
No CVE-IDs are found in updatable packages.
|
||||
%s
|
||||
%s
|
||||
No CVE-IDs are found in updatable packages.
|
||||
%s
|
||||
`, header, r.Packages.FormatUpdatablePacksSummary())
|
||||
}
|
||||
|
||||
@@ -174,9 +174,9 @@ func formatFullPlainText(r models.ScanResult) string {
|
||||
|
||||
if len(vulns) == 0 {
|
||||
return fmt.Sprintf(`
|
||||
%s
|
||||
No CVE-IDs are found in updatable packages.
|
||||
%s
|
||||
%s
|
||||
No CVE-IDs are found in updatable packages.
|
||||
%s
|
||||
`, header, r.Packages.FormatUpdatablePacksSummary())
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user