Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,100 Commits 6 Branches 121 Tags
ef8309df27c38a863f3121440542436b810ec0c8
Commit Graph

298 Commits

Author SHA1 Message Date
Kota Kanbe
9afbf1255f feat: Add -vvv option to scan cmd (#617) 2018-03-14 12:18:03 +09:00
Kota Kanbe
50b105c4af fix: SSH session multiplexing (#616) 2018-03-13 22:35:25 +09:00
Kota Kanbe
6d3398574c fix: support CentOS cloud image (#606) 
https://bugzilla.redhat.com/show_bug.cgi?id=1332025
 2018-03-06 14:10:21 +09:00
Teppei Fukuda
b08969ad89 Support a reporting via Syslog (#604) 
* Support a reporting via syslog

* Update dependencies
 2018-02-27 20:38:34 +09:00
Teppei Fukuda
7a5793c562 Add IP address to scan results (#602) 2018-02-19 12:50:00 +09:00
Kota Kanbe
c00404793a Add offline option to scan and configtest (#588) 
Add offline option to scan and configtest
 2018-01-19 01:07:44 +09:00
Mai MISHIRO
db43d55b2c Fixed panic occurred when blank line continued in changelog (#569) 2018-01-05 10:23:44 +09:00
Mai MISHIRO
0e8736045e LXC container support without LXD (#552) 
* LXC container support without LXD

* Fix: LXC required root privilege

* Update README
 2017-12-18 22:54:32 +09:00
Kota Kanbe
19b581edef Support Amazon Linux2 (#562) 2017-12-15 20:07:49 +09:00
Mai MISHIRO
295f6656d9 Fix #548 and #557 - RHEL's Fast Scan no longer required internet connection and root privilege (#559) 2017-12-15 19:34:10 +09:00
Mai MISHIRO
1214d8c14d Change error handling of "Reboot Required" detection (#556) 2017-12-12 17:03:42 +09:00
Mai MISHIRO
b4cd96fc9a Fix some RPM related commands failed in the container (#554) 2017-12-12 12:14:57 +09:00
Kota Kanbe
e788e6a5ad Support Alpine Linux #194 (#545) 
* Support Alpine Linux #194

* Fix testcase

* Fix README

* Fix dep files

* Fix changelog

* Bump up version
 2017-12-01 23:17:28 +09:00
Flaviu
d00e912934 Replace strings.HasPrefix with strings.Index for SuSE scanner (#546) 2017-11-21 11:37:43 +09:00
Kota Kanbe
8ebb663368 Fix yum changelog option (#543) 2017-11-15 17:32:17 +09:00
Mai MISHIRO
59b0812adf Fix: "Reboot Required" detection process in scan/redhat.go (#534) 2017-11-08 17:16:59 +09:00
Kota Kanbe
5ced3c72b8 Insert sudo only at the beginning of command in deep scan #495 (#539) 
* Insert `sudo` only at the beginning of command in deep scan #495

* Fix testcase
 2017-11-08 15:48:43 +09:00
Kota Kanbe
00c690f516 Add pseudo server type for non-ssh scanning (only cpe scan) #512 (#531) 
* Add pseudo server type for non-ssh scanning (only cpe scan) #512

* Don't check hostname for pseudo type

* Update README.md
 2017-11-02 17:02:06 +09:00
nashiox
e137ebb9c2 Fix package query fails on debian based container (#519) (#522) 
* Fix package query fails on debian based container (#519)

* Fix executil test (#519)
 2017-10-25 18:49:47 +09:00
Kota Kanbe
5a0a6abf11 Fix OVAL detection on Debian and Ubuntu (#509) 
* Add filter options to tui subcommand (#508)

* Capture version of source packages on Debian based linux

* Change makefile, gofmt -s

* Refactoring

* Implement OVAL detection of source packages for Debian, Ubuntu
 2017-10-13 17:22:11 +09:00
Kota Kanbe
132432dce6 Support SUSE Enterprise Linux (#487) 
* Support SUSE Enterprise Linux

* Implement Reboot Required detection on SLES

* Fix query OVAL because SUSE provides OVAL data each major.minor version

* Update README

* Support SUSE Enterprise 11
 2017-09-28 12:23:19 +09:00
Xiuming Chen
e5eb8e42f5 Debian: Use --showformat flag to get status of packages and ignore n(not-inst… (#484) 
* Use --showformat flag to get status of packages and ignore n(not-installed) and c(removed, only has config files remaining) packages.

* Ignoring all packages that are not in 'Installed' status.

* Simplify char escaping in the command.

* Fix typo.
 2017-09-27 09:43:59 +09:00
Kota Kanbe
5f2183fc8e Check repoquery with sudo nopasswd in deep scan mode on RedHat (#492) 2017-09-14 09:14:20 -07:00
kota kanbe
b5cb08ac43 Handle kernel's vulns using OVAL 2017-08-22 17:44:50 +09:00
kota kanbe
648a999514 Include config in json result 2017-08-18 22:39:45 +09:00
kota kanbe
71490aebd9 Fix sudo in deep scan of RHEL 2017-08-17 21:17:13 +09:00
kota kanbe
6129ac7bd4 Change model ScanResult.ScannedCves.AffectedPackages 2017-08-17 12:18:06 +09:00
kota kanbe
b5d4d27312 Fix "Vulnerable package: is not found" error on FreeBSD 2017-08-16 14:34:59 +09:00
kota kanbe
477e12d5cf Fix FreeBSD detection 2017-08-16 11:54:19 +09:00
kota kanbe
fd19fa2082 nosudo repoquery 2017-08-15 10:37:11 +09:00
kota kanbe
843f1a462f Fix checkDependencies for redhat.go 2017-08-14 15:53:11 +09:00
kota kanbe
b14406e329 Fix check logic of dependent packages in redhat.go 2017-08-09 16:18:09 +09:00
kota kanbe
29cf4bb517 Setup changelog cache only when necessary 2017-08-09 16:18:09 +09:00
kota kanbe
a233e08929 When scanning raspbian, always scan with deep scan mode 2017-08-09 16:18:09 +09:00
kota kanbe
2887dc0d36 Fix configtest to match fast and deep scan mode 2017-08-09 16:15:25 +09:00
kota kanbe
008da49b83 Imlement OVAL scan on Oracle Linux 2017-08-09 16:15:25 +09:00
kota kanbe
8b6a283114 Add a deep flag to scan 2017-08-09 16:15:25 +09:00
kota kanbe
4379b8bacf Use version comparison logic when parsing change log (Ubuntu, Debian) 2017-08-09 16:15:25 +09:00
kota kanbe
1752736714 Fix nil pointer 2017-08-09 16:15:25 +09:00
kota kanbe
9b6d84def6 Fix false positive detection on RHEL, Amazon and Oracle 2017-08-09 16:15:25 +09:00
kota kanbe
ed162d7d6e Display the information of yum updateinfo on TUI (for RHEL, Amazon, Oracle) 2017-08-09 16:15:25 +09:00
kota kanbe
26e447f11a Check existence and last modified time of local OVAL database when reporting 2017-08-09 16:15:25 +09:00
Kota Kanbe
ffbaa0a508 Extract Advisory.Description on RHEL, Amazon, Oracle (#450) 2017-08-09 16:15:25 +09:00
Kota Kanbe
a9ebac3818 nosudo on CentOS and Fetch Changelogs on Amazon, RHEL (#448) 
* Use repoquery for no sudo and avoid unintended line feed of yum or rpm. #444

* Change data type of enablerepo in config.toml. string to array

* Fetch yum changelogs at once then grep CVE-IDs

* Fix changelog parse logic and Update Gopkg
 2017-08-09 16:15:25 +09:00
sadayuki-matsuno
738e9fb119 change logrus package to lowercase and update other packages (#446) 2017-08-09 16:15:25 +09:00
sadayuki-matsuno
7778783dd8 add db backend redis (#445) 2017-08-09 16:15:25 +09:00
Kota Kanbe
c442a433b0 Add OVAL HTTP health check 2017-08-09 16:15:24 +09:00
Kota Kanbe
997dd6022f Kind error message when SSH connection fails 2017-08-09 16:15:24 +09:00
Kota Kanbe
9128e2748b Refactoring 2017-08-09 16:15:24 +09:00
Kota Kanbe
7f8c975bd7 Avoid concurrent Map writes 2017-08-09 16:15:24 +09:00