Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check existence and last modified time of local OVAL database when reporting

Browse Source
This commit is contained in:
kota kanbe
2017-07-25 17:25:09 +09:00
parent ffbaa0a508
commit 26e447f11a
9 changed files with 147 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
scan/redhat.go
View File

@@ -254,12 +254,6 @@ func (o *redhat) scanPackages() error {
return nil
}
//TODO Cache changelogs to bolt
//TODO --with-changelog
if err := o.fillChangelogs(updatable); err != nil {
return nil
}
var vinfos models.VulnInfos
if vinfos, err = o.scanUnsecurePackages(updatable); err != nil {
o.log.Errorf("Failed to scan vulnerable packages")
@@ -379,6 +373,12 @@ func (o *redhat) parseUpdatablePacksLine(line string) (models.Package, error) {
}
func (o *redhat) scanUnsecurePackages(updatable models.Packages) (models.VulnInfos, error) {
//TODO Cache changelogs to bolt
//TODO --with-changelog
if err := o.fillChangelogs(updatable); err != nil {
return nil, err
}
if o.Distro.Family != config.CentOS {
// Amazon, RHEL, Oracle Linux has yum updateinfo as default
// yum updateinfo can collenct vendor advisory information.