diff --git a/README.ja.md b/README.ja.md
index 9273c299..4cd2f608 100644
--- a/README.ja.md
+++ b/README.ja.md
@@ -594,7 +594,7 @@ Vulsをスキャン対象サーバにデプロイする。Vulsはローカルホ
| Distribution| Scan Speed | Need Root Privilege | OVAL | Need Internet Access
on scan tareget|
|:------------|:--------------------------------------:|:-------------------:|:----------:|:---------------------------------------:|
-| Alpine | Fast | No | Supported | No |
+| Alpine | Fast | No | Supported | Need |
| CentOS | Fast | No | Supported | No |
| RHEL | Fast | No | Supported | No |
| Oracle | Fast | No | Supported | No |
@@ -614,7 +614,7 @@ Vulsをスキャン対象サーバにデプロイする。Vulsはローカルホ
| Distribution| Scan Speed | Need Root Privilege | OVAL | Need Internet Access
on scan tareget|
|:------------|:-------------------------------------:|:-------------------------:|:---------:|:---------------------------------------:|
-| Alpine | Fast | No | Supported | No |
+| Alpine | Fast | No | Supported | Need |
| CentOS | Slow | No | Supported | Need |
| RHEL | Slow | Need | Supported | Need |
| Oracle | Slow | Need | Supported | Need |
@@ -660,8 +660,8 @@ web/app server in the same configuration under the load balancer
| Distribution| Release |
|:------------|-------------------:|
-| Alpine | 3.2 and later |
-| Ubuntu | 12, 14, 16|
+| Alpine | 3.2 and later |
+| Ubuntu | 14, 16|
| Debian | 7, 8, 9|
| RHEL | 5, 6, 7|
| CentOS | 6, 7|
@@ -1661,6 +1661,9 @@ tui:
[-ovaldb-type=sqlite3|mysql]
[-ovaldb-path=/path/to/oval.sqlite3]
[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
+ [-cvss-over=7]
+ [-ignore-unscored-cves]
+ [-ignore-unfixed]
[-refresh-cve]
[-results-dir=/path/to/results]
[-log-dir=/path/to/log]
@@ -1680,6 +1683,12 @@ tui:
DB type for fetching OVAL dictionary (sqlite3 or mysql) (default "sqlite3")
-ovaldb-url string
http://goval-dictionary.com:1324 or mysql connection string
+ -cvss-over float
+ -cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))
+ -ignore-unfixed
+ Don't report the unfixed CVEs
+ -ignore-unscored-cves
+ Don't report the unscored CVEs
-debug
debug mode
-debug-sql
@@ -1905,6 +1914,12 @@ Youtube
- [NVD](https://nvd.nist.gov/)
- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
+- [RedHat](https://www.redhat.com/security/data/oval/)
+- [Debian](https://www.debian.org/security/oval/)
+- [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
+- [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
+- [Oracle Linux](https://linux.oracle.com/security/oval/)
+- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
# Authors
diff --git a/README.md b/README.md
index f66e3fa9..36f3c059 100644
--- a/README.md
+++ b/README.md
@@ -601,7 +601,7 @@ On the aggregation server, you can refer to the scanning result of each scan tar
| Distribution| Scan Speed | Need Root Privilege | OVAL | Need Internet Access
on scan tareget|
|:------------|:--------------------------------------:|:-------------------:|:----------:|:---------------------------------------:|
-| Alpine | Fast | No | Supported | No |
+| Alpine | Fast | No | Supported | Need |
| CentOS | Fast | No | Supported | No |
| RHEL | Fast | No | Supported | No |
| Oracle | Fast | No | Supported | No |
@@ -619,7 +619,7 @@ On the aggregation server, you can refer to the scanning result of each scan tar
| Distribution| Scan Speed | Need Root Privilege | OVAL | Need Internet Access
on scan tareget|
|:------------|:-------------------------------------:|:-------------------------:|:---------:|:---------------------------------------:|
-| Alpine | Fast | No | Supported | No |
+| Alpine | Fast | No | Supported | Need |
| CentOS | Slow | No | Supported | Need |
| RHEL | Slow | Need | Supported | Need |
| Oracle | Slow | Need | Supported | Need |
@@ -670,7 +670,8 @@ If there is a staging environment with the same configuration as the production
| Distribution | Release |
|:-------------|-------------------:|
-| Ubuntu | 12, 14, 16|
+| Alpine | 3.2 and later |
+| Ubuntu | 14, 16|
| Debian | 7, 8, 9|
| RHEL | 5, 6, 7|
| Oracle Linux | 5, 6, 7|
@@ -679,7 +680,6 @@ If there is a staging environment with the same configuration as the production
| FreeBSD | 10, 11|
| SUSE Enterprise | 11, 12|
| Raspbian | Jessie, Stretch |
-| Alpine | 3.2 and later |
----
@@ -1673,9 +1673,10 @@ tui:
[-ovaldb-type=sqlite3|mysql]
[-ovaldb-path=/path/to/oval.sqlite3]
[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
- [-cvss-over=7]
- [-ignore-unscored-cves]
- [-ignore-unfixed]
+ [-cvss-over=7]
+ [-ignore-unscored-cves]
+ [-ignore-unfixed]
+ [-refresh-cve]
[-results-dir=/path/to/results]
[-log-dir=/path/to/log]
[-debug]
@@ -1885,6 +1886,12 @@ Youtube
- [NVD](https://nvd.nist.gov/)
- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
+- [RedHat](https://www.redhat.com/security/data/oval/)
+- [Debian](https://www.debian.org/security/oval/)
+- [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
+- [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
+- [Oracle Linux](https://linux.oracle.com/security/oval/)
+- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
# Authors
diff --git a/oval/alpine.go b/oval/alpine.go
index 0a3e87ae..1df47f73 100644
--- a/oval/alpine.go
+++ b/oval/alpine.go
@@ -21,7 +21,6 @@ import (
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
- ovalmodels "github.com/kotakanbe/goval-dictionary/models"
)
// Alpine is the struct of Alpine Linux
@@ -58,15 +57,13 @@ func (o Alpine) FillWithOval(r *models.ScanResult) (err error) {
}
func (o Alpine) update(r *models.ScanResult, defPacks defPacks) {
- ovalContent := *o.convertToModel(&defPacks.def)
cveID := defPacks.def.Advisory.Cves[0].CveID
vinfo, ok := r.ScannedCves[cveID]
if !ok {
util.Log.Debugf("%s is newly detected by OVAL", cveID)
vinfo = models.VulnInfo{
- CveID: cveID,
- Confidence: models.OvalMatch,
- CveContents: models.NewCveContents(ovalContent),
+ CveID: cveID,
+ Confidence: models.OvalMatch,
}
}
@@ -74,9 +71,3 @@ func (o Alpine) update(r *models.ScanResult, defPacks defPacks) {
vinfo.AffectedPackages.Sort()
r.ScannedCves[cveID] = vinfo
}
-
-func (o Alpine) convertToModel(def *ovalmodels.Definition) *models.CveContent {
- return &models.CveContent{
- CveID: def.Advisory.Cves[0].CveID,
- }
-}