diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-18 08:39:57 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-18 08:42:48 +0100 |
commit | f4a5d30a1dabffc53c70c3aa20e75430a4610c86 (patch) | |
tree | 894ef35a1b78481d2b5a6f4fdd7f79aecf491e13 /check-external | |
parent | 52575af516c7456f5115dc2b4897c6dd44ed003d (diff) |
external-check: Handle vendor prefixed entries
When the source-$VENDOR.html lists contain a vendor prefixed CVE entry
the external check update command will bail out:
[...]
<td>DEBIAN:CVE-2019-1010022</td>
<td>DEBIAN:CVE-2019-1010023</td>
<td>DEBIAN:CVE-2019-1010024</td>
<td>DEBIAN:CVE-2019-1010025</td>
DEBIAN.list contains garbage (see above), aborting
Allow the expression to contain a VENDOR: prefix and strip it out as
well.
Link: https://lists.debian.org/debian-security-tracker/2020/11/msg00014.html
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Diffstat (limited to 'check-external')
-rwxr-xr-x | check-external/update.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/check-external/update.sh b/check-external/update.sh index 8121eadcbd..8ad1660d03 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -58,7 +58,7 @@ check_list cve.list # or as specified at the individual html files or elsewhere on cve.mitre.org's website for vendor in SUSE DEBIAN GENTOO FEDORA REDHAT UBUNTU; do wget -N http://cve.mitre.org/data/refs/refmap/source-$vendor.html - sed -rn '/CVE-[12][0-9]{3}-/{s/^.+>(CVE-[12][0-9]{3}-[0-9]{4,})<.+$/\1/;p}' source-$vendor.html | + sed -rn "/CVE-[12][0-9]{3}-/{s/^.+>($vendor:)?(CVE-[12][0-9]{3}-[0-9]{4,})<.+$/\2/;p}" source-$vendor.html | sort -u > $vendor.list check_list $vendor.list done |