Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
642 Commits 6 Branches 121 Tags
b1428b6758692e7b421bfeb37d26afc3e6c0a9dc
Commit Graph

53 Commits

Author SHA1 Message Date
Kota Kanbe
a9ebac3818 nosudo on CentOS and Fetch Changelogs on Amazon, RHEL (#448) 
* Use repoquery for no sudo and avoid unintended line feed of yum or rpm. #444

* Change data type of enablerepo in config.toml. string to array

* Fetch yum changelogs at once then grep CVE-IDs

* Fix changelog parse logic and Update Gopkg
 2017-08-09 16:15:25 +09:00
sadayuki-matsuno
7778783dd8 add db backend redis (#445) 2017-08-09 16:15:25 +09:00
Kota Kanbe
c442a433b0 Add OVAL HTTP health check 2017-08-09 16:15:24 +09:00
Kota Kanbe
997dd6022f Kind error message when SSH connection fails 2017-08-09 16:15:24 +09:00
Kota Kanbe
7f8c975bd7 Avoid concurrent Map writes 2017-08-09 16:15:24 +09:00
Kota Kanbe
3be11cf52f Implement format-short-text 2017-08-09 16:15:24 +09:00
Kota Kanbe
cfb848918f Change structure of ScanResult.[]VulnInfo to Map 2017-08-09 16:15:24 +09:00
Kota Kanbe
b977558f38 Change structure of VulnInfo.Pacakges to []string 2017-08-09 16:15:24 +09:00
Kota Kanbe
210e3dc990 Change ScanResult.Packages structure to Map 2017-08-09 16:15:24 +09:00
Kota Kanbe
d626cc8a8b Rename PackageInfoList to Packages 2017-08-09 16:15:24 +09:00
Kota Kanbe
23c177ed4a -package-list-only for Debian 2017-08-09 16:15:23 +09:00
Kota Kanbe
d077c29716 Fix scan confidence on Ubuntu/Debian/Raspbian #362 2017-03-13 20:55:23 +09:00
Kota Kanbe
688cfd6872 Deprecate prepare subcommand to minimize the root authority #375 2017-03-13 13:21:01 +09:00
Kota Kanbe
a86035c0bf Output changelog in report, TUI and JSON for Ubuntu/Debian/CentOS 2017-03-02 22:22:35 +09:00
Kota Kanbe
1b9aafbbaf Output confidence ranking of detection accuracy to JSON or Reporting 2017-02-22 20:51:58 +09:00
Kota Kanbe
1d3ee6a241 Merge pull request #328 from federacy/leniant_changelog_parsing_for_debian 
Add leniancy to the version matching for debian to account for versio…
 2017-02-22 20:43:46 +09:00
Kota Kanbe
6e08bd23f4 Merge pull request #330 from knqyf263/support_raspbian 
Support Raspbian
 2017-02-14 12:15:28 +09:00
knqyf263
bee25f5aa2 Support Raspbian 2017-02-13 22:15:09 +09:00
Kota Kanbe
386b97d2be Continue scanning even when some hosts have tech issues 
see #264
 2017-02-13 21:55:55 +09:00
Kota Kanbe
00660485b7 Merge pull request #324 from federacy/aptitude_changelog_more_to_cat 
aptitude changelog defaults to using more, which is not interactive a…
 2017-02-13 14:54:12 +09:00
James Sulinski
981631503a Add leniancy to the version matching for debian to account for versions without the "+" when package maintainers aren't using them. 2017-02-10 11:38:46 -08:00
James Sulinski
b5c2718756 aptitude changelog defaults to using more, which is not interactive and breaks docker scans. Set PAGER=cat before running to default to cat. 2017-02-09 00:54:47 -08:00
James Sulinski
a03a803b89 Reduce privilege requirements for commands that don't need sudo 2017-02-09 00:47:08 -08:00
Kota Kanbe
42a6004c7d Fix the changelog cache logic for ubuntu/debian 2017-01-28 04:08:57 +09:00
Kota Kanbe
20275a1063 Add local scan mode. 
If the scan target server is localhost, Don't use SSH. #210
 2017-01-17 00:16:46 +09:00
Kota Kanbe
155cadf901 Add report subcommand, change scan options. Bump up ver #239 2017-01-05 13:40:25 +09:00
Oliver Bristow
2310522806 Fix non-interactive apt-get install #251 2016-11-11 19:13:51 +00:00
Kota Kanbe
7681b277cf Fix changelog cache bug on Ubuntu and Debian #235 2016-11-01 13:03:44 +09:00
Kota Kanbe
21beb396b4 Confirm before installing dependencies on prepare 2016-10-13 16:06:48 +09:00
Kota Kanbe
cf7990d444 Fix locale env var LANG to LANGUAGE 2016-10-12 08:59:05 +09:00
Kota Kanbe
e3fc3aa9d1 Fix not working changelog cache on Container 2016-09-20 20:29:02 +09:00
Kota Kanbe
dd1d3a05fa High speed scan on Ubuntu/Debian 2016-09-12 21:10:21 +09:00
Kota Kanbe
c8a9bdc517 Merge pull request #152 from sadayuki-matsuno/delete_sqlite 
delete sqlite3
 2016-09-06 13:19:07 +09:00
Sadayuki Matsuno
595729cdf8 delete sqlite3 2016-09-06 12:25:47 +09:00
Kota Kanbe
a60a5d6eab Remove deprecated options -use-unattended-upgrades,-use-yum-plugin-security 2016-08-30 12:37:03 +09:00
itchyny
7dfc9815b3 Reduce regexp compilation 
- use regexp.MustCompile instead of regexp.Compile
- use strings.HasPrefix instead of regular expression when it is enough
 2016-08-26 20:39:31 +09:00
Kota Kanbe
d8dc3650d3 Add testcases for #153 2016-08-23 19:26:34 +09:00
Takayuki Ushida
b1f5bdd8b2 Fix CVE-ID is truncated to 4 digits 2016-08-20 21:23:31 +09:00
kota kanbe
f939041606 Disable -ask-sudo-password for security reasons 2016-08-16 11:09:01 +09:00
KITAGAWA Yasutaka
b9404d0880 Fix apt command to scan correctly when system locale is not english 2016-08-14 01:05:23 +09:00
kota kanbe
34d6d6e709 Add configtest subcommand. skip un-ssh-able servers. 2016-07-19 12:29:20 +09:00
kota kanbe
b91ed9cff5 Support -report-azure-blob option 2016-07-12 16:21:45 +09:00
kota kanbe
d3466eabe5 Add error handling when unable to connect via ssh. status code: 255 2016-06-26 08:15:40 +09:00
kota kanbe
c3deb93489 Rename linux.go to base.go 2016-06-16 10:37:49 +09:00
kota kanbe
17181405e3 Enable to detect vulnerabilities on FreeBSD 2016-06-14 16:34:11 +09:00
kota kanbe
058ab55a6f Fix error handling to avoid nil pointer err on debian 2016-05-31 11:30:33 +09:00
kota kanbe
33b1ccba67 Fix nil pointer while doing apt-cache policy on ubuntu #76 2016-05-31 09:46:57 +09:00
kota kanbe
54d6217b93 Add JSONWriter, Fix CVE sort order of report 2016-05-29 10:03:22 +09:00
kota kanbe
d91bf61038 Refactoring debian.go 2016-05-25 20:58:55 +09:00
kota kanbe
359dab3380 fix pointless sudo in debian.go #29 2016-05-19 17:20:09 +09:00