* feat(oval): support new goval-dictionary model
* chore: fix lint err
* chore: set len of slice to 0
* fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks
* fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks
* feat(report): do not add duplicate CveContent
* chore: goval-dictionary update
* chore: go mod tidy
* fix(oval): preload Advisory.Cves for Ubuntu
https://github.com/kotakanbe/goval-dictionary/pull/152
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>
* chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves()
* review comment
* chore: go mod update go-cve
* feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN
* add NvdExactVersionMatch andd NvdRoughVersionMatch
* add confidence-over option to report
* sort CveContetens
* fix integration-test
* feat(model): change CveContents(map[string]CveContent) to map[string][]CveContent
* fix(cpescan): use CveIDSource
* chore: check Nvd, Jvn data
* chore: go-cve-dictionary update
* chore: add to cveDetails as is, since CveID is embedded in the response
* support Alma Linux
* fix miss
* feat(os) : support Rocky linux (#1260)
* support rocky linux scan
* fix miss
* lint
* fix : like #1266 and error Failed to parse CentOS
* pass make test
* fix miss
* fix pointed out with comment
* fix golangci-lint error
* refactor config
* fix saas config
* feat(config): scanmodule for each server in config.toml
* feat(config): enable to specify containersOnly in config.toml
* add new keys of config.toml to discover.go
* fix summary output, logging
* feat(report): Add NVD as a src for mitigations.
* feat(report): display "Vendor Advisory" URL in NVD
* feat(report): display patch urls in report, tui
Fixed simplest cases of append calls that have no
effect aside from driving Go static analysis tools crazy.
One issue remains (#784) since I'm not sure
what would be the right behavior there.
* Change config.toml, Auto-generate UUIDs, change structure of optional field
* Detect processes affected by update using yum-ps (#482)
Detect processes affected by update using yum-ps
* Detect processes needs restart using checkrestart on Debian and Ubuntu.
* pass cpename by args when calling FillCveInfo (#513)
* fix new db (#502)
* Include Version,Revision in JSON
* Include hostname in JSON
* Update goval-dictionary's commit hash in Gopkg.lock
* Remove README.ja.md
* update packages (#596)
* fix: change ControlPath to .vuls of SSH option (#618)
* feat: checkrestart for Ubuntu and Debian (#622)
* feat: checkrestart for Ubuntu and Debian
* fix: dependencies check logic of configtest
* feat: need-restarting on RedHat
* refactor: Process.ProcName to Process.Name
* feat: detect a systemd service name of need-restarting-process
* feat: detect a systemd service name of need-restarting-process on Ubuntu
* feat: fill a service name of need-restarting-process, init-system
* Support NVD JSON and CVSS3 of JVN (#605)
* fix: compile errors
* fix: Show CVSS3 on TUI
* fix: test cases
* fix: Avoid null in JSON
* Fix maxCvssScore (#621)
* Fix maxCvssScore
* Update vulninfos.go
* fix(init): remove unnecessary log initialization
* refactor(nvd): use only json feed if exists json data. if not, use xml feed
* fix(scan): make Confidence slice
* feat(CWE): Display CWE name to TUI
* feat(cwe): import CWE defs in Japanese
* feat(cwe): add OWASP Top 10 ranking to CWE if applicable
* feat(scan): add -fast-root mode, implement scan/amazon.go
* refactor(const): change const name JVN to Jvn
* feat(scan): add -fast-root mode, implement scan/centos.go
* refactor(dep): update deps
* fix(amazon): deps check
* feat(scan): add -fast-root mode, implement scan/rhel.go
* feat(scan): add -fast-root mode, implement scan/oracle.go
* fix complile err
* feat(scan): add -fast-root mode, implement scan/debian.go
* fix testcase
* fix(amazon): scan using yum
* fix(configtest): change error message, status when no scannnable servers
* Fix(scan): detect init process logic
* fix(tui): display cvss as table format
* fix(scan): parse a output of reboot-notifier on CentOS6.9
* fix(tui): don't display score, vector when score is zero
* fix(scan): add -offline mode to suse scanner
* fix(scan): fix help message
* feat(scan): enable to define scan mode for each servers in config.toml #510
* refactor(config): chagne cpeNames to cpeURIs
* refactor(config): change dependencyCheckXMLPath to owaspDCXMLPath
* fix(config): containers -> containersIncluded, Excluded, containerType
* feature(report): enable to define cpeURIs for each contaner
* feature(report): enable to specify owasp dc xml path for each container
* fix(discover): fix a template displayed at the end of discover
* feature(report): add ignorePkgsRegexp #665
* feature(report): enable to define ignoreCves for each container #666
* fix(report): Displayed nothing in TUI detail area when CweID is nil
* Gopkg.toml diet
* feat(server): support server mode (#678)
* feat(server): support server mode
* Lock go version
* Use the latest kernel release among the installed release when the running kernel release is unknown
* Add TestViaHTTP
* Set logger to go-cve-dictionary client
* Add -to-localfile
* Add -to-http option to report
* Load -to-http conf from config.toml
* Support gost (#676)
* feat(gost): Support RedHat API
* feat(gost): Support Debian Security Tracker
* feat(db): display error msg when SQLite3 is locked at the beginning of reporting.
* feat(gost): TUI
* Only use RedHat information of installed packages
* feat(tui): show mitigation on TUI
* feat(gost): support redis backend
* fix test case
* fix nil pointer when db is nil
* fix(gost): detect vulns of src packages for Debian
* feat(gost): implement redis backend for gost redhat api
* feat(report): display fixState of unfixed pkgs
* fix(report): display distincted cweIDs
* feat(slack): display gost info
* feat(slack): display mitigation
* feat(report): display available patch state as fixed/total
* fix(tui): display - if source of reference is empty
* update deps
* fix(report): key in ScanResult JSON be lowerCamelcase.
* some keys to lower camel
* fix(configtest): dep check logic of yum-plugin-ps
* fix(tui): format
* feat(report): add -format-list option
* fix(report): -format-full-text
* fix(report): report -format-full-text
* fix(report): display v3 score detected by gost
* fix(scan): scan in fast mode if not defined in config.toml
* fix(gost): fetch RedHat data for fixed CVEs
* feat(report): show number of cves detected in each database
* fix(report): show new version as `Unknown` in offline and fast scan mode
* fix(report): fix num of upadtable and fixed
* fix(report): set `Not fixed yet` if packageStatus is empty
* refact(gost): make convertToModel public
* fix(test): fix test case
* update deps
* fix(report): include gost score in MaxCvssScore
* [WIP] feat(config): enable to set options in config.toml instead of cmd opt (#690)
* feat(config): enable to set options in config.toml instead of cmd opt
* fix(config): change Conf.Report.Slack to Conf.Slack
* fix(discover): change tempalte
* fix(report): fix config.toml auto-generate with -uuid
* Add endpoint for health check and change endpoint
* refact(cmd): refactor flag set
* fix(report): enable to specify opts with cmd arg and env value
* fix(scan): enable to parse the release version of amazon linux 2
* add(report) add -to-saas option (#695)
* add(report) add -to-saas option
* ignore other writer if -to-saas
* fix(saas) fix bug
* fix(scan): need-restarting needs internet connection
* fix(scan,configtest): check scan mode
* refactor(scan): change func name
* fix(suse): support offline mode, bug fix on AWS, zypper --no-color
* fix(tui): fix nil pointer when no vulns in tui
* feat(report): enable to define CPE FS format in config.toml
* fix(vet): fix warnings of go vet
* fix(travis): go version to 1.11
* update deps
* Support SUSE Enterprise Linux
* Implement Reboot Required detection on SLES
* Fix query OVAL because SUSE provides OVAL data each major.minor version
* Update README
* Support SUSE Enterprise 11
