| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
|
|
|
|
|
|
|
|
|
|
| |
As the bugzilla query cannot reliably deliver CVE information anymore
and the metadata export has been discontinued switch to gather the
Red Hat known CVEs from the Red Hat Security Data API endpoint instread.
Link: https://www.redhat.com/en/blog/future-red-hat-security-data
Link: https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/index
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
|
|
|
|
|
|
|
|
|
|
| |
Red Hat does not provide anymore CVE metadata from Bugzilla in xml form
for further parsing. Disable it now.
A future update might fetch data from te alterantive new sources.
Link: https://www.redhat.com/en/blog/future-red-hat-security-data
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Additionally to the vendored entries addressed in d8b81d2818b3
("external-check: Handle vendor prefixed entries") some entries might be
of the form "UBUNTU:Ubuntu security $CVE", and the external check update
will bail out as:
[...]
<td>UBUNTU:Ubuntu Security CVE-2020-11935</td>
UBUNTU.list contains garbage (see above), aborting
Allow the expression to contain additionall an additional text beweend
the vendor prefix and the CVE. Maybe we should simply match anything
beween a opening HTML tag, the CVE and a closing tag, filtering out the
CVE as better solution.
The idea behind this change is to really poinpoint any vendor entry in
the respective source-$vendor.html list.
Link: https://lists.debian.org/debian-security-tracker/2023/04/msg00003.html
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the source-$VENDOR.html lists contain a vendor prefixed CVE entry
the external check update command will bail out:
[...]
<td>DEBIAN:CVE-2019-1010022</td>
<td>DEBIAN:CVE-2019-1010023</td>
<td>DEBIAN:CVE-2019-1010024</td>
<td>DEBIAN:CVE-2019-1010025</td>
DEBIAN.list contains garbage (see above), aborting
Allow the expression to contain a VENDOR: prefix and strip it out as
well.
Link: https://lists.debian.org/debian-security-tracker/2020/11/msg00014.html
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@44582 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@44581 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
| |
Use perl for easier looping and to have more readable code
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@44580 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@41113 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@41112 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@40100 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
|
| |
https://www.redhat.com/security/data/cve/cve-$year.html
Now not anymore a file which we can download only if it has newer
timestamp, so download on every cronjob run.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@36935 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24591 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@18951 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@18540 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
Example: ./lookup -s UBUNTU
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15704 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
Try with: cd check-external && ./update.sh && ./lookup.sh CVE-2010
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15701 e39458fd-73e7-0310-bf30-c45bca0a0e42
|