Fix false positive for Oracle Linux (#1227)

* fix(oracle): false-positive(handle arch of pkgs) * fix(oracle): false positive kernel-related CVEs * add a test case for ksplice1 * fix(scan): handle uek kernel for Oracle linux * fix(scan): hanlde uek kernel for reboot required * fix(oracle): false-positive for redis-backend
2021-04-27 20:38:45 +09:00
parent c36e645d9b
commit 2d369d0cfe
13 changed files with 3263 additions and 36 deletions
--- a/oval/util_test.go
+++ b/oval/util_test.go
@@ -1153,6 +1153,45 @@ func TestIsOvalDefAffected(t *testing.T) {
 			affected:    false,
 			notFixedYet: false,
 		},
+		// .ksplice1.
+		{
+			in: in{
+				family: constant.Oracle,
+				def: ovalmodels.Definition{
+					AffectedPacks: []ovalmodels.Package{
+						{
+							Name:    "nginx",
+							Version: "2:2.17-106.0.1.ksplice1.el7_2.4",
+						},
+					},
+				},
+				req: request{
+					packName:       "nginx",
+					versionRelease: "2:2.17-107",
+				},
+			},
+			affected: false,
+		},
+		// .ksplice1.
+		{
+			in: in{
+				family: constant.Oracle,
+				def: ovalmodels.Definition{
+					AffectedPacks: []ovalmodels.Package{
+						{
+							Name:    "nginx",
+							Version: "2:2.17-106.0.1.ksplice1.el7_2.4",
+						},
+					},
+				},
+				req: request{
+					packName:       "nginx",
+					versionRelease: "2:2.17-105.0.1.ksplice1.el7_2.4",
+				},
+			},
+			affected: true,
+			fixedIn:  "2:2.17-106.0.1.ksplice1.el7_2.4",
+		},
 	}
 	for i, tt := range tests {
 		affected, notFixedYet, fixedIn := isOvalDefAffected(tt.in.def, tt.in.req, tt.in.family, tt.in.kernel, tt.in.mods)