Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
675 Commits 6 Branches 121 Tags
477e12d5cf36d6a79b9bce761ecfbc7b58e6c19c
Commit Graph

675 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
kota kanbe
477e12d5cf Fix FreeBSD detection 2017-08-16 11:54:19 +09:00
kota kanbe
886a21c633 Bump up version to 0.4.0 2017-08-15 10:43:59 +09:00
kota kanbe
fd19fa2082 nosudo repoquery 2017-08-15 10:37:11 +09:00
kota kanbe
843f1a462f Fix checkDependencies for redhat.go 2017-08-14 15:53:11 +09:00
kota kanbe
5c5b8a361d Merge branch 'support_oval' of https://github.com/future-architect/vuls into dev_v0.4.0 
* 'support_oval' of https://github.com/future-architect/vuls:
  Update README (#463)
 2017-08-14 00:07:54 +09:00
Kota Kanbe
417df0582d Update README (#463) 2017-08-14 00:07:39 +09:00
kota kanbe
999d8f5866 Update README 2017-08-14 00:05:20 +09:00
kota kanbe
47a444e795 Use CVE>Impact as severity when it is not empty (RedHat OVAL) 2017-08-13 22:17:25 +09:00
kota kanbe
dbceca8780 Update Gopkg.lock 2017-08-13 21:51:43 +09:00
kota kanbe
c66898e608 Set actually affected package's name only to vulnInfo.PackageNames 2017-08-13 20:50:26 +09:00
kota kanbe
ee20cb59a5 Refactoring 2017-08-13 17:56:12 +09:00
kota kanbe
5c51d83573 Refactoring 2017-08-13 17:18:01 +09:00
kota kanbe
47b3b3848b Refactoring 2017-08-13 15:31:14 +09:00
sadayuki-matsuno
95eb980f58 export FillWithOval (#462) 2017-08-11 17:27:10 +09:00
kota kanbe
f738622c28 Update png in README.md 2017-08-11 13:31:02 +09:00
kota kanbe
577509bbf9 Fix MaxCvssScore logic 2017-08-09 16:18:09 +09:00
kota kanbe
774c78add0 Fix oval-db existence check on reporting 2017-08-09 16:18:09 +09:00
kota kanbe
b14406e329 Fix check logic of dependent packages in redhat.go 2017-08-09 16:18:09 +09:00
kota kanbe
29cf4bb517 Setup changelog cache only when necessary 2017-08-09 16:18:09 +09:00
kota kanbe
a233e08929 When scanning raspbian, always scan with deep scan mode 2017-08-09 16:18:09 +09:00
sadayuki-matsuno
cbd1c12773 add s3 dirctory option (#457) 2017-08-09 16:18:08 +09:00
sadayuki-matsuno
0a3f0f9ffc add serveruuid field (#458) 2017-08-09 16:18:08 +09:00
kota kanbe
d3014025b0 Update README 2017-08-09 16:18:08 +09:00
kota kanbe
2887dc0d36 Fix configtest to match fast and deep scan mode 2017-08-09 16:15:25 +09:00
kota kanbe
5f49e7da8e Refactoring 2017-08-09 16:15:25 +09:00
kota kanbe
9e0032b258 Fix cvss link in slack notification 2017-08-09 16:15:25 +09:00
kota kanbe
008da49b83 Imlement OVAL scan on Oracle Linux 2017-08-09 16:15:25 +09:00
kota kanbe
9899cba816 Display summary of advisory when no entry in NVD, OVAL 2017-08-09 16:15:25 +09:00
kota kanbe
27724a2faf Use CVSS seveirty of distro advisory when no entiry in NVD and OVAL 2017-08-09 16:15:25 +09:00
kota kanbe
8b6a283114 Add a deep flag to scan 2017-08-09 16:15:25 +09:00
kota kanbe
4379b8bacf Use version comparison logic when parsing change log (Ubuntu, Debian) 2017-08-09 16:15:25 +09:00
kota kanbe
56603dcfae Fix a bug of lower limit of cursor movement in TUI 2017-08-09 16:15:25 +09:00
kota kanbe
1752736714 Fix nil pointer 2017-08-09 16:15:25 +09:00
kota kanbe
b1428b6758 Fix a bug of fill oval information of Ubuntu 2017-08-09 16:15:25 +09:00
kota kanbe
9b6d84def6 Fix false positive detection on RHEL, Amazon and Oracle 2017-08-09 16:15:25 +09:00
kota kanbe
ed162d7d6e Display the information of yum updateinfo on TUI (for RHEL, Amazon, Oracle) 2017-08-09 16:15:25 +09:00
kota kanbe
1aae425945 Undisplay the number of CVEs at the end of 'scan --package-list-only' 2017-08-09 16:15:25 +09:00
kota kanbe
26e447f11a Check existence and last modified time of local OVAL database when reporting 2017-08-09 16:15:25 +09:00
Kota Kanbe
ffbaa0a508 Extract Advisory.Description on RHEL, Amazon, Oracle (#450) 2017-08-09 16:15:25 +09:00
Kota Kanbe
a9ebac3818 nosudo on CentOS and Fetch Changelogs on Amazon, RHEL (#448) 
* Use repoquery for no sudo and avoid unintended line feed of yum or rpm. #444

* Change data type of enablerepo in config.toml. string to array

* Fetch yum changelogs at once then grep CVE-IDs

* Fix changelog parse logic and Update Gopkg
 2017-08-09 16:15:25 +09:00
sadayuki-matsuno
738e9fb119 change logrus package to lowercase and update other packages (#446) 2017-08-09 16:15:25 +09:00
sadayuki-matsuno
7778783dd8 add db backend redis (#445) 2017-08-09 16:15:25 +09:00
Kota Kanbe
c442a433b0 Add OVAL HTTP health check 2017-08-09 16:15:24 +09:00
Kota Kanbe
f7aa85746d Add retry-max to HTTP access 2017-08-09 16:15:24 +09:00
Kota Kanbe
1883da3b2a Implement HTTP access to oval-dictionary 2017-08-09 16:15:24 +09:00
Kota Kanbe
997dd6022f Kind error message when SSH connection fails 2017-08-09 16:15:24 +09:00
Kota Kanbe
63394a2400 Fix error handling while loading JSON in reporting 2017-08-09 16:15:24 +09:00
Kota Kanbe
a662b038dc Fix CVSS2 in TUI 2017-08-09 16:15:24 +09:00
Kota Kanbe
e9df2bfa01 Convert null to empty in JSON 2017-08-09 16:15:24 +09:00
Kota Kanbe
a7951b727c Remove commented out code 2017-08-09 16:15:24 +09:00