Stage/vuls - vuls - Gitea: Git with a cup of tea

Stage/vuls

Author	SHA1	Message	Date
MaineK00n	61c39637f2	feat(scanner/redhat): each package has modularitylabel (#1381 )	2024-05-16 02:54:02 +09:00
MaineK00n	ef2be3d6ea	feat(detect/redhat): detect unpatched vulnerabilities with oval, stop using gost (#1907 ) * feat(oval/redhat): detect not fixed package * feat(gost/redhat): stop using to detect unpatched vulnerabilities	2024-05-10 17:32:40 +09:00
MaineK00n	73dc95f6b9	fix(detector/suse): support when advisory.cves has both NVD and SUSE evaluations (#1899 )	2024-04-23 16:30:33 +09:00
MaineK00n	e1df74cbc1	fix(amazon): use major version for checking eol, security advisories (#1873 )	2024-03-18 16:13:54 +09:00
MaineK00n	7475b27f6a	chore(deps): update dictionary tools, Vuls is now CGO free (#1667 ) * chore(deps): update dictionary tools, Vuls is now CGO free * chore(integration): update commit	2023-05-11 00:28:51 +09:00
MaineK00n	d4d33fc81d	fix(scanner/dpkg): Fix false-negative in Debian and Ubuntu (#1646 ) * fix(scanner/dpkg): fix dpkg-query and not remove src pkgs * refactor(gost): remove unnecesary field and fix typo * refactor(detector/debian): detect using only SrcPackage	2023-04-20 11:42:53 +09:00
MaineK00n	6682232b5c	feat(os): support Amazon Linux 2023 (#1621 )	2023-03-16 17:31:57 +09:00
MaineK00n	ad2edbb844	fix(ubuntu): vulnerability detection for kernel package (#1591 ) * fix(ubuntu): vulnerability detection for kernel package * feat(gost/ubuntu): update mod to treat status: deferred as unfixed * feat(ubuntu): support 22.10	2023-02-03 15:56:58 +09:00
MaineK00n	ca3f6b1dbf	feat(amazon): support Amazon Linux 2 Extra Repository (#1510 ) * feat(amazon): support Amazon Linux 2 Extra Repository * feat(amazon): set Amazon Linux EOL * feat(oracle): set Oracle Linux EOL	2022-08-04 17:52:42 +09:00
MaineK00n	cc63a0eccf	feat(ubuntu): add Jammy Jellyfish(22.04) (#1431 ) * feat(ubuntu): add Jammy Jellyfish(22.04) * chore(deps): gost update * chore(oval/ubuntu): fill kernel package name temporarily	2022-04-27 11:04:00 +09:00
MaineK00n	8775b5efdf	chore: fix lint error (#1438 ) * chore: fix lint: revive error * chore: golanci-lint uses go 1.18 * chore: refactor tasks in GNUmakefile * chore: add trivy binary in fvuls image	2022-04-15 18:12:13 +09:00
MaineK00n	7d8a24ee1a	refactor(detector): standardize db.NewDB to db.CloseDB (#1380 ) * feat(subcmds/report,server): read environment variables when configPath is "" * refactor: standardize db.NewDB to db.CloseDB * chore: clean up import * chore: error wrap * chore: update goval-dictionary * fix(oval): return Pseudo instead of nil for client * chore: fix comment * fix: lint error	2022-02-19 09:20:45 +09:00
MaineK00n	7750347010	fix(oval/suse): use def.Advisory.Cves[0].CveID instead of def.Title (#1397 )	2022-02-17 19:16:14 +09:00
MaineK00n	787604de6a	fix(suse): fix openSUSE, openSUSE Leap, SLES, SLED scan (#1384 ) * fix(suse): fix openSUSE, openSUSE Leap scan * docs: update README * fix: unknown CveContent.Type * fix: tui reporting * fix: listening port was duplicated in format-full-text * fix .gitignore * fix: add EOL data for SLES12.5 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2022-02-15 17:11:54 +09:00
MaineK00n	fe8d252c51	feat(debian): validate running kernel version (#1382 ) * feat(debian): validate running kernel version * chore(gost/debian): only stash when there is linux package	2022-02-11 12:36:48 +09:00
maito1201	1cfe155a3a	feat(fedora): support fedora (#1367 ) * feat(fedora): support fedora * fix(fedora): fix modular package scan * fix(fedora): check needs-restarting, oval arch, add source link Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>	2022-02-09 09:30:44 +09:00
MaineK00n	2923cbc645	fix(centos): identify CentOS and CentOS Stream (#1360 )	2022-02-03 05:32:03 +09:00
MaineK00n	2b7294a504	feat(amazon): support amazon linux 2022 (#1338 )	2021-12-09 11:06:44 +09:00
sadayuki-matsuno	ffdb78962f	update dictionaries (#1326 )	2021-10-29 11:24:49 +09:00
Kota Kanbe	6bceddeeda	chore: update goval-dictionary (#1323 ) * chore: update goval-dictionary * fix errs	2021-10-20 11:10:33 +09:00
Kota Kanbe	e07b6a9160	feat(report): show Amazon ALAS link to report (#1318 )	2021-10-12 09:09:58 +09:00
MaineK00n	7f15a86d6a	chore: change repository owner (#1306 )	2021-09-16 11:05:37 +09:00
MaineK00n	591786fde6	feat(oval): support new goval-dictionary model (#1280 ) * feat(oval): support new goval-dictionary model * chore: fix lint err * chore: set len of slice to 0 * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * feat(report): do not add duplicate CveContent * chore: goval-dictionary update * chore: go mod tidy * fix(oval): preload Advisory.Cves for Ubuntu https://github.com/kotakanbe/goval-dictionary/pull/152 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-09-13 10:19:59 +09:00
Kota Kanbe	1003f62212	chore: update go-cve-dictionary (#1292 )	2021-08-26 13:45:40 +09:00
MaineK00n	96c3592db1	breaking-change(go-cve-dict): support new go-cve-dictionary (#1277 ) * feat(model): change CveContents(map[string]CveContent) to map[string][]CveContent * fix(cpescan): use CveIDSource * chore: check Nvd, Jvn data * chore: go-cve-dictionary update * chore: add to cveDetails as is, since CveID is embedded in the response	2021-08-13 18:00:55 +09:00
kazuminn	ff83cadd6e	feat(os) : support Alma Linux (#1261 ) * support Alma Linux * fix miss * feat(os) : support Rocky linux (#1260) * support rocky linux scan * fix miss * lint * fix : like #1266 and error Failed to parse CentOS * pass make test * fix miss * fix pointed out with comment * fix golangci-lint error	2021-08-02 04:36:43 +09:00
Norihiro NAKAOKA	0bf12412d6	fix(rocky): fix Scan in Rocky Linux (#1266 ) * fix(rocky): fix OVAL scan in Rocky Linux * chore: add FreeBSD13 EOL, fix #1245 * chore(rocky): add Rocky Linux EOL tests * feat(rocky): implement with reference to CentOS * feat(raspbian): add Raspbian to Server mode * feat(rocky): support gost scan * fix(rocky): rocky support lessThan * chore: update doc and comment	2021-07-08 05:39:48 +09:00
Shigechika AIKAWA	0e0e5ce4be	feat: Support Ubuntu21 (#1231 )	2021-06-28 10:28:54 +09:00
Norihiro NAKAOKA	8e6351a9e4	feat(oval): goval-dictionary update (#1259 ) * feat(oval): err check for GetLastModified * feat(oval): goval-dictionary update	2021-06-25 14:08:50 +09:00
Norihiro NAKAOKA	b8db2e0b74	feat(report): Change the priority of CVE information in Debian (#1202 ) * fix (bug) : using ScanResults refs #1019 * feat(gost): WIP change priority of CVE Info in Debian * feat(report): change priority of CVE Info in Debian * refactor: move RemoveRaspbianPackFromResult * style: remove comment * fix: lint error * style: change coding style * feat(report): support reporting with gost alone * fix: merge error * refactor(debian): change code to be simple	2021-06-21 15:14:41 +09:00
Kota Kanbe	2a9aebe059	fix(report): improve cpe match logic (#1251 ) * fix(report): improve cpe match logic https://github.com/kotakanbe/go-cve-dictionary/pull/189 * fix vet error	2021-06-11 14:39:41 +09:00
Kota Kanbe	0095c40e69	fix(vet): go vet err of `make build-scanner` (#1248 )	2021-06-09 08:00:52 +09:00
Kota Kanbe	82c1abfd3a	fix(report): detection logic bugs for Oracle Linux (#1247 ) * fix(report): continue detecting if arch is emtpy for Oracle Linux * fix test case * fix(report): a bug of `Not Fixed Yet` of Oracle linux scanning	2021-06-09 05:46:42 +09:00
Kota Kanbe	ab0e950800	fix(oracle): extracting only advisory ID from OVAL.title (#1232 )	2021-04-29 12:54:36 +09:00
Kota Kanbe	17ae386d1e	chore: add a test case #1227 (#1228 )	2021-04-28 12:18:18 +09:00
Kota Kanbe	2d369d0cfe	Fix false positive for Oracle Linux (#1227 ) * fix(oracle): false-positive(handle arch of pkgs) * fix(oracle): false positive kernel-related CVEs * add a test case for ksplice1 * fix(scan): handle uek kernel for Oracle linux * fix(scan): hanlde uek kernel for reboot required * fix(oracle): false-positive for redis-backend	2021-04-27 20:38:45 +09:00
Kota Kanbe	27b3e17b79	feat(saas): delete json dir automatically after upload (#1212 ) * feat(saas): delete json dir automatically after upload * fix lint err	2021-04-15 05:58:41 +09:00
Kota Kanbe	740781af56	feat(logging): add -log-to-file and don't output to file by default (#1209 ) * feat(logging): add -log-to-file and don't output to file by default * update go-cve-dict * fix lint err	2021-04-05 17:41:07 +09:00
Kota Kanbe	6fef4db8a0	fix .goreleaser.yml (#1204 ) * fix .goreleaser.yml * chore: fix lint warnings	2021-04-01 17:43:54 +09:00
Kota Kanbe	9bfe0627ae	refactor: don't use global Config in private func (#1197 ) * refactor: cve_client.go * refactor: don't use global Config in private func * remove import alias for config * refactor: dbclient * refactor: resultDir * refactor: resultsDir * refactor * refactor: gost * refactor: db client * refactor: cveDB * refactor: cvedb * refactor: exploitDB * refactor: remove detector/dbclient.go * refactor: writer * refactor: syslog writer * refactor: ips * refactor: ensureResultDir * refactor: proxy * fix(db): call CloseDB * add integration test * feat(report): sort array in json * sort func for json diff * add build-int to makefile * add int-rds-redis to makefile * fix: test case, makefile * fix makefile * show cve count after diff * make diff * diff -c * sort exploits in json for diff * sort metasploit, exploit	2021-04-01 13:36:24 +09:00
Kota Kanbe	3f2ac45d71	Refactor logger (#1185 ) * refactor: logger * refactor: logging * refactor: rename func * refactor: logging * refactor: logging format	2021-02-26 10:36:58 +09:00
Kota Kanbe	03579126fd	refactor(config): localize config used like a global variable (#1179 ) * refactor(report): LocalFileWriter * refactor -format-json * refacotr: -format-one-email * refactor: -format-csv * refactor: -gzip * refactor: -format-full-text * refactor: -format-one-line-text * refactor: -format-list * refacotr: remove -to-* from config * refactor: IgnoreGitHubDismissed * refactor: GitHub * refactor: IgnoreUnsocred * refactor: diff * refacotr: lang * refacotr: cacheDBPath * refactor: Remove config references * refactor: ScanResults * refacotr: constant pkg * chore: comment * refactor: scanner * refactor: scanner * refactor: serverapi.go * refactor: serverapi * refactor: change pkg structure * refactor: serverapi.go * chore: remove emtpy file * fix(scan): remove -ssh-native-insecure option * fix(scan): remove the deprecated option `keypassword`	2021-02-25 05:54:17 +09:00
Richard Alloway	aeaf308679	Add test-case to verify proper version comparison in lessThan() (#1178 ) * Add test-case to verify proper version comparison when either/both/neither of newVer and ovalmodels.Package contain "_<minor version>" * Rename vera to newVer in Test_lessThan() * Fix oval/util_test.go formatting (make fmt) Co-authored-by: Richard Alloway (OpenLogic) <ralloway@perforce.com>	2021-02-14 05:30:07 +09:00
Kota Kanbe	f5e47bea40	chore: add a test-case to #1176 (#1177 )	2021-02-12 13:46:29 +09:00
Richard Alloway	50cf13a7f2	Pass packInOVAL.Version through centOSVersionToRHEL() to remove the "_<point release>" portion so that packInOVAL.Version strings like 1.8.23-10.el7_9.1 become 1.8.23-10.el7.1 (same behavior as newVer, which now allows packInOVAL.Version and newVer to be directly compared). (#1176 ) Co-authored-by: Richard Alloway (OpenLogic) <ralloway@perforce.com>	2021-02-12 13:33:36 +09:00
Kota Kanbe	4dcbd865cc	fix(report): set http timeout 10 sec (#1154 ) * fix(report): set http timeout 10 sec * fix: add an error handling	2021-01-30 09:40:33 +09:00
Kota Kanbe	63f170cc7a	fix(report): set severity in Red Hat OVAL to both CVSS v3 and v2 #1146 (#1147 )	2021-01-26 07:58:59 +09:00
Kota Kanbe	88899f0e89	refactor: around CheckHTTPHealth (#1139 )	2021-01-20 07:41:29 +09:00
Kota Kanbe	6eff6a9329	feat(report): display EOL information to scan summary (#1120 ) * feat(report): display EOL information to scan summary * detect Amazon linux EOL	2021-01-09 07:58:55 +09:00
Kota Kanbe	4359503484	fix(redhat): possibility of false positives on RHEL (#1115 )	2021-01-06 13:33:08 +09:00

1 2 3

126 Commits