From e6ae9507250889dee26426e682776da6cfd0f309 Mon Sep 17 00:00:00 2001 From: Raphael Geissert Date: Tue, 14 Dec 2010 17:56:22 +0000 Subject: Add support for other CVE sources Example: ./lookup -s UBUNTU git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15704 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- check-external/update.sh | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'check-external/update.sh') diff --git a/check-external/update.sh b/check-external/update.sh index cf75051fba..1bd5661e33 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -18,13 +18,27 @@ # along with this file. If not, see . #################### -# Note: The downloaded html files are Copyright by Red Hat, Inc. -# or as specified at the individual html files or elsewhere on redhat.com's website - set -e +export LANG=C + +# Red Hat provides a complete dump of their tracker, which includes +# unfixed issues. +# Note: The downloaded html files are Copyright by Red Hat, Inc. +# or as specified at the individual html files or elsewhere on redhat.com's website for year in $(seq 1999 $(date +%Y)); do wget -N https://www.redhat.com/security/data/cve/cve-$year.html done +sed -rn '/CVE-[12][0-9]{3}-/{s/^.+>(CVE-[12][0-9]{3}-[0-9]{4})<.+$/\1/;p}' cve-*.html | + sort > cve.list -sed -rn '/CVE-[12][0-9]{3}-/{s/^.+>(CVE-[12][0-9]{3}-[0-9]{4})<.+$/\1/;p}' cve-*.html > cve.list + +# List of issues fixed by each vendor, according to MITRE. Very +# incomplete, but it doesn't hurt to double check (including our own list) +# Note: The downloaded html files are Copyright by The MITRE Corporation +# or as specified at the individual html files or elsewhere on cve.mitre.org's website +for vendor in SUSE DEBIAN GENTOO FEDORA REDHAT UBUNTU; do + wget -N http://cve.mitre.org/data/refs/refmap/source-$vendor.html + sed -rn '/CVE-[12][0-9]{3}-/{s/^.+>(CVE-[12][0-9]{3}-[0-9]{4})<.+$/\1/;p}' source-$vendor.html | + sort > $vendor.list +done -- cgit v1.2.3