Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update goval-dictionary #1973

Merged
merged 1 commit into from
Jun 25, 2024
Merged

chore(deps): update goval-dictionary #1973

merged 1 commit into from
Jun 25, 2024

Conversation

MaineK00n
Copy link
Collaborator

@MaineK00n MaineK00n commented Jun 23, 2024
edited
Loading

If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.

What did you implement:

The following PR changes the Key of Redis and uses a function that uses the key, so you need to update mod.
refs. vulsio/goval-dictionary#402

Type of change

  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

How Has This Been Tested?

setup

$ cat config.toml
...
[ovalDict]
type = "redis"
url = "redis://127.0.0.1:6379/1"
...

$ vuls scan
[Jun 24 11:53:47]  INFO [localhost] vuls-v0.26.0-rc2-build-20240624_115303_86d3681
[Jun 24 11:53:47]  INFO [localhost] Start scanning
[Jun 24 11:53:47]  INFO [localhost] config: /home/vuls/config.toml
[Jun 24 11:53:47]  INFO [localhost] Validating config...
[Jun 24 11:53:47]  INFO [localhost] Detecting Server/Container OS... 
[Jun 24 11:53:47]  INFO [localhost] Detecting OS of servers... 
[Jun 24 11:53:47]  INFO [localhost] (1/1) Detected: docker: oracle 8.10
[Jun 24 11:53:47]  INFO [localhost] Detecting OS of containers... 
[Jun 24 11:53:47]  INFO [localhost] Checking Scan Modes... 
[Jun 24 11:53:47]  INFO [localhost] Detecting Platforms... 
[Jun 24 11:53:49]  INFO [localhost] (1/1) docker is running on other
[Jun 24 11:53:49]  INFO [docker] Scanning OS pkg in fast mode


Scan Summary
================
docker	oracle8.10	235 installed





To view the detail, vuls tui is useful.
To send a report, run vuls report -h.

before

$ goval-dictionary version
goval-dictionary v0.9.5 86ee796

$ docker run --rm -d -p 127.0.0.1:6379:6379 redis
$ goval-dictionary fetch oracle 8 --dbtype redis --dbpath "redis://127.0.0.1:6379/1"
INFO[06-24|11:56:34] Fetching...                              URL=https://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2
INFO[06-24|11:56:43] Fetched                                  File=com.oracle.elsa-all.xml.bz2 Count=6529 Timestamp=2024-06-21T10:32:07
INFO[06-24|11:56:43] Refreshing...                            Family=oracle Version=8
1760 / 1760 [------------------------------------------------------------------------------------------] 100.00% ? p/s
INFO[06-24|11:56:43] Finish                                   Updated=1760

$ vuls report
[Jun 24 11:57:18]  INFO [localhost] vuls-v0.26.0-rc2-build-20240624_115303_86d3681
...
[Jun 24 11:57:18]  INFO [localhost] ovalDict.type=redis, ovalDict.url=redis://127.0.0.1:6379/1, ovalDict.SQLite3Path=
...
[Jun 24 11:57:18]  INFO [localhost] OVAL oracle 8.10 found. defs: 1760
[Jun 24 11:57:18]  INFO [localhost] OVAL oracle 8.10 is fresh. lastModified: 2024-06-24T11:56:43Z
[Jun 24 11:57:18]  INFO [localhost] docker: 12 CVEs are detected with OVAL
[Jun 24 11:57:18]  INFO [localhost] docker: 0 unfixed CVEs are detected with gost
[Jun 24 11:57:18]  INFO [localhost] docker: 0 CVEs are detected with CPE
[Jun 24 11:57:18]  INFO [localhost] docker: 0 PoC are detected
[Jun 24 11:57:18]  INFO [localhost] docker: 0 exploits are detected
[Jun 24 11:57:18]  INFO [localhost] docker: Known Exploited Vulnerabilities are detected for 0 CVEs
[Jun 24 11:57:18]  INFO [localhost] docker: Cyber Threat Intelligences are detected for 0 CVEs
[Jun 24 11:57:18]  INFO [localhost] docker: total 12 CVEs detected
[Jun 24 11:57:18]  INFO [localhost] docker: 0 CVEs filtered by --confidence-over=80
docker (oracle8.10)
===================
Total: 12 (Critical:0 High:6 Medium:6 Low:0 ?:0)
12/12 Fixed, 0 poc, 0 exploits, cisa: 0, uscert: 0, jpcert: 0 alerts
235 installed

+----------------+------+--------+-----+-----------+---------+--------------------------------+
|     CVE-ID     | CVSS | ATTACK | POC |   ALERT   |  FIXED  |            PACKAGES            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2016-10228 |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-25013 |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-9169  |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-27618 |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3326  |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-40528 |  8.9 |        |     |           |   fixed | libgcrypt                      |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-20231 |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-20232 |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-33560 |  6.9 |        |     |           |   fixed | libgcrypt                      |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3580  |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0553  |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-28834 |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+

after

$ goval-dictionary version
goval-dictionary v0.9.5 4636576

$ docker run --rm -d -p 127.0.0.1:6379:6379 redis
$ goval-dictionary fetch oracle 8 --dbtype redis --dbpath "redis://127.0.0.1:6379/1"
INFO[06-24|12:00:48] Fetching...                              URL=https://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2
INFO[06-24|12:00:56] Fetched                                  File=com.oracle.elsa-all.xml.bz2 Count=6529 Timestamp=2024-06-21T10:32:07
INFO[06-24|12:00:56] Refreshing...                            Family=oracle Version=8
1760 / 1760 [------------------------------------------------------------------------------------------] 100.00% ? p/s
INFO[06-24|12:00:56] Finish                                   Updated=1760

$ vuls report
[Jun 24 12:01:35]  INFO [localhost] vuls-v0.26.0-rc2-build-20240624_115815_38c7c80
...
[Jun 24 12:01:35]  INFO [localhost] ovalDict.type=redis, ovalDict.url=redis://127.0.0.1:6379/1, ovalDict.SQLite3Path=
...
[Jun 24 12:01:35]  INFO [localhost] OVAL oracle 8.10 found. defs: 1760
[Jun 24 12:01:35]  INFO [localhost] OVAL oracle 8.10 is fresh. lastModified: 2024-06-24T12:00:56Z
[Jun 24 12:01:35]  INFO [localhost] docker: 12 CVEs are detected with OVAL
[Jun 24 12:01:35]  INFO [localhost] docker: 0 unfixed CVEs are detected with gost
[Jun 24 12:01:35]  INFO [localhost] docker: 0 CVEs are detected with CPE
[Jun 24 12:01:35]  INFO [localhost] docker: 0 PoC are detected
[Jun 24 12:01:35]  INFO [localhost] docker: 0 exploits are detected
[Jun 24 12:01:35]  INFO [localhost] docker: Known Exploited Vulnerabilities are detected for 0 CVEs
[Jun 24 12:01:35]  INFO [localhost] docker: Cyber Threat Intelligences are detected for 0 CVEs
[Jun 24 12:01:35]  INFO [localhost] docker: total 12 CVEs detected
[Jun 24 12:01:35]  INFO [localhost] docker: 0 CVEs filtered by --confidence-over=80
docker (oracle8.10)
===================
Total: 12 (Critical:0 High:6 Medium:6 Low:0 ?:0)
12/12 Fixed, 0 poc, 0 exploits, cisa: 0, uscert: 0, jpcert: 0 alerts
235 installed

+----------------+------+--------+-----+-----------+---------+--------------------------------+
|     CVE-ID     | CVSS | ATTACK | POC |   ALERT   |  FIXED  |            PACKAGES            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2016-10228 |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-25013 |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-9169  |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-27618 |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3326  |  8.9 |        |     |           |   fixed | glibc, glibc-common,           |
|                |      |        |     |           |         | glibc-langpack-en              |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-40528 |  8.9 |        |     |           |   fixed | libgcrypt                      |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-20231 |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-20232 |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-33560 |  6.9 |        |     |           |   fixed | libgcrypt                      |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3580  |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0553  |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-28834 |  6.9 |        |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@MaineK00n MaineK00n self-assigned this Jun 23, 2024
@MaineK00n MaineK00n requested a review from shino June 25, 2024 07:42
@MaineK00n MaineK00n marked this pull request as ready for review June 25, 2024 07:42
shino
shino approved these changes Jun 25, 2024
View reviewed changes
Copy link
Collaborator

@shino shino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yay!

@MaineK00n MaineK00n merged commit 0a47a26 into master Jun 25, 2024
7 checks passed
@MaineK00n MaineK00n deleted the MaineK00n/goval-dictionary branch June 25, 2024 08:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shino shino shino approved these changes

Assignees

@MaineK00n MaineK00n

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MaineK00n @shino