Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
806 Commits 6 Branches 121 Tags
24d7021c47a275bd4e68e698272af446814be1a8
Commit Graph

49 Commits

Author SHA1 Message Date
Kota Kanbe
81f2ba8a46 fix(report): record not found on reporting with OVAL #679 (#680) 
* fix(report): record not found on reporting with OVAL #679

* lock go version in .travis.yml
 2018-07-10 15:14:35 +09:00
Kota Kanbe
09779962cf Fix(reporting): NotFixedYet of SourcePackage in OVAL match on Debian and Ubuntu (#656) 
* fix(refactoring): oval

* Fix(reporting): NotFixedYet of SourcePackage in OVAL match on Debian and Ubuntu #655
 2018-05-22 18:53:08 +09:00
Kota Kanbe
092a19bdc1 fix: bug of report -diff option (#607) 2018-03-06 16:50:09 +09:00
~Stack~
5a3a333eec Fixed Typo (#574) 2018-01-05 10:20:35 +09:00
Kota Kanbe
47498bbf23 Fix a bug of sending to closed socket while oval access via HTTP #578 (#579) 2018-01-05 10:12:21 +09:00
Mai MISHIRO
c0f66320f6 Add more kernel related packages (Fix #541) (#551) 2017-12-11 14:32:20 +09:00
Kota Kanbe
383220f384 Remove empty CveContent output to JSON with Alpine Linux scan (#550) 2017-12-04 12:52:32 +09:00
Kota Kanbe
e788e6a5ad Support Alpine Linux #194 (#545) 
* Support Alpine Linux #194

* Fix testcase

* Fix README

* Fix dep files

* Fix changelog

* Bump up version
 2017-12-01 23:17:28 +09:00
Kota Kanbe
6af49f4d55 Fix false positive: ignore oval info when kernel major version is different. (#541) 2017-11-10 23:33:43 +09:00
Mai MISHIRO
1de9e8c086 Fix: Misdetection of OvalMatch for CentOS and Scientific in oval/util.go (#536) 
* Fix: Misdecection of OvalMatch for CentOS in oval/util.go

* Remediation: Misdetection of OvalMatch for Scientific (currently treated as RHEL) oval/util.go

* The regular expression was changed because the release number of CentOS and Scientific's unchanged package is different from upstream.

* OvalMatch test of RedHat and CentOS has been added.
 2017-11-09 11:20:23 +09:00
Kota Kanbe
a32845f652 Fix a bug of making channels when fill oval information via HTTP (#514) 
* Fix a bug of making channels when fill oval information via HTTP
 2017-10-17 13:36:49 +09:00
Kota Kanbe
5a0a6abf11 Fix OVAL detection on Debian and Ubuntu (#509) 
* Add filter options to tui subcommand (#508)

* Capture version of source packages on Debian based linux

* Change makefile, gofmt -s

* Refactoring

* Implement OVAL detection of source packages for Debian, Ubuntu
 2017-10-13 17:22:11 +09:00
Kota Kanbe
132432dce6 Support SUSE Enterprise Linux (#487) 
* Support SUSE Enterprise Linux

* Implement Reboot Required detection on SLES

* Fix query OVAL because SUSE provides OVAL data each major.minor version

* Update README

* Support SUSE Enterprise 11
 2017-09-28 12:23:19 +09:00
~Stack~
03a141c252 Fix typos (#499) 
* Update bolt.go

Fix typos

* Update util.go

Fix Typos
 2017-09-26 18:16:54 +09:00
kota kanbe
b5cb08ac43 Handle kernel's vulns using OVAL 2017-08-22 17:44:50 +09:00
kota kanbe
9e90c0f912 Implement NotFixedYet for CentOS 2017-08-17 20:07:39 +09:00
kota kanbe
de65073f61 Set NotFixedYet for Ubuntu Scan 2017-08-17 15:32:22 +09:00
kota kanbe
6129ac7bd4 Change model ScanResult.ScannedCves.AffectedPackages 2017-08-17 12:18:06 +09:00
kota kanbe
47a444e795 Use CVE>Impact as severity when it is not empty (RedHat OVAL) 2017-08-13 22:17:25 +09:00
kota kanbe
c66898e608 Set actually affected package's name only to vulnInfo.PackageNames 2017-08-13 20:50:26 +09:00
kota kanbe
ee20cb59a5 Refactoring 2017-08-13 17:56:12 +09:00
kota kanbe
5c51d83573 Refactoring 2017-08-13 17:18:01 +09:00
kota kanbe
47b3b3848b Refactoring 2017-08-13 15:31:14 +09:00
kota kanbe
008da49b83 Imlement OVAL scan on Oracle Linux 2017-08-09 16:15:25 +09:00
kota kanbe
b1428b6758 Fix a bug of fill oval information of Ubuntu 2017-08-09 16:15:25 +09:00
kota kanbe
1aae425945 Undisplay the number of CVEs at the end of 'scan --package-list-only' 2017-08-09 16:15:25 +09:00
kota kanbe
26e447f11a Check existence and last modified time of local OVAL database when reporting 2017-08-09 16:15:25 +09:00
sadayuki-matsuno
7778783dd8 add db backend redis (#445) 2017-08-09 16:15:25 +09:00
Kota Kanbe
c442a433b0 Add OVAL HTTP health check 2017-08-09 16:15:24 +09:00
Kota Kanbe
f7aa85746d Add retry-max to HTTP access 2017-08-09 16:15:24 +09:00
Kota Kanbe
1883da3b2a Implement HTTP access to oval-dictionary 2017-08-09 16:15:24 +09:00
Kota Kanbe
74805c6be8 Add test cases of CveContents 2017-08-09 16:15:24 +09:00
Kota Kanbe
3be11cf52f Implement format-short-text 2017-08-09 16:15:24 +09:00
Kota Kanbe
b285cb0e57 Remove CRUD funcs of CveContents 2017-08-09 16:15:24 +09:00
Kota Kanbe
cfb848918f Change structure of ScanResult.[]VulnInfo to Map 2017-08-09 16:15:24 +09:00
Kota Kanbe
b977558f38 Change structure of VulnInfo.Pacakges to []string 2017-08-09 16:15:24 +09:00
Kota Kanbe
210e3dc990 Change ScanResult.Packages structure to Map 2017-08-09 16:15:24 +09:00
Kota Kanbe
d626cc8a8b Rename PackageInfoList to Packages 2017-08-09 16:15:24 +09:00
Kota Kanbe
f26b61d773 Change CveContents data type to map 2017-08-09 16:15:24 +09:00
Kota Kanbe
a2c364f9eb Refacotring 2017-08-09 16:15:23 +09:00
Kota Kanbe
17a4e532c1 Fix testcase 2017-08-09 16:15:23 +09:00
Kota Kanbe
c103b79ec2 Change models structure 2017-08-09 16:15:23 +09:00
Kota Kanbe
b545b5d0a3 Unify the models of NVD, JVN, OVAL 2017-08-09 16:15:23 +09:00
Kota Kanbe
037e12b0bd Add Ubuntu Support 2017-08-09 16:15:23 +09:00
Kota Kanbe
c9ab956f8f Make it work on Amazon Linux 2017-08-09 16:15:23 +09:00
Kota Kanbe
587c87b3a0 Fix RHEL oval scan 2017-08-09 16:15:23 +09:00
knqyf263
c989c31aeb Support RHEL 2017-08-09 16:15:23 +09:00
Kota Kanbe
e5d32c8764 Debian Report using OVAL 2017-08-09 16:15:23 +09:00
knqyf263
10a27042b5 Support Debian 2017-08-09 16:15:23 +09:00