merge: branch '4.5.2' into merge-4.5.2-into-4.6.0

wazuh · Aug 11, 2023 · 7c9d30a · 7c9d30a
2 parents 41546a0 + 0726ece
commit 7c9d30a
Show file tree

Hide file tree

Showing 29 changed files with 77 additions and 85,068 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -58,16 +58,31 @@ Release report: TBD
 - Fix an error in the cluster performance tests related to CSV parser ([#2999](https://github.com/wazuh/wazuh-qa/pull/2999)) \- (Framework + Tests)
 - Fix bug in the framework on migration tool ([#4027](https://github.com/wazuh/wazuh-qa/pull/4027)) \- (Framework)
 
+## [4.5.2] - TBD
+
+Wazuh commit: TBD \
+Release report: TBD
+
 ## [4.5.1] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
+### Added
+
+- Add an integration test to check the wazuh-analysisd's decoder parser ([#4286](https://github.com/wazuh/wazuh-qa/pull/4286)) \- (Tests)
+
 ## [4.5.0] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
+### Changed
+
+- Delete `update_from_year` from system and E2E tests configuration ([#4372](https://github.com/wazuh/wazuh-qa/pull/4372)) \- (Tests)
+- Upgrade PyYAML to 6.0.1. ([#4326](https://github.com/wazuh/wazuh-qa/pull/4326)) \- (Framework)
+- Change Vulnerability Detector ITs to support the development of the NVD 2.0 refactor. ([#4327](https://github.com/wazuh/wazuh-qa/pull/4327)) \- (Tests)
+
 ## [4.4.5] - 10-07-2023
 
 Wazuh commit: https://github.com/wazuh/wazuh/commit/8d17d2c9c11bc10be9a31c83bc7c17dfbac0d2a0 \

diff --git a/deps/wazuh_testing/wazuh_testing/db_interface/cve_db.py b/deps/wazuh_testing/wazuh_testing/db_interface/cve_db.py
@@ -212,7 +212,7 @@ def get_metadata_timestamp(provider_os):
     return result[0]
 
 
-def get_nvd_metadata_timestamp(year):
+def get_nvd_metadata_timestamp():
     """Get the NVD timestamp data for a specific year from nvd_metadata table.
 
     Args:
@@ -221,7 +221,7 @@ def get_nvd_metadata_timestamp(year):
     Returns:
         str: Timestamp data. (example: 2022-03-03T03:00:01-05:00)
     """
-    query_string = f"SELECT timestamp FROM nvd_metadata WHERE year={year}"
+    query_string = f"SELECT timestamp FROM nvd_metadata"
     result = get_sqlite_query_result(CVE_DB_PATH, query_string)
 
     if len(result) == 0:

diff --git a/deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/__init__.py b/deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/__init__.py
@@ -181,8 +181,7 @@ def feed_is_recently_updated(provider_name, provider_os, threshold_weeks):
         boolean: True if the feed is considered recently updated, False otherwise.
     """
     if provider_name == 'National Vulnerability Database':
-        current_year = datetime.now().year
-        feed_update_timestamp = cve_db.get_nvd_metadata_timestamp(year=current_year)
+        feed_update_timestamp = cve_db.get_nvd_metadata_timestamp()
     else:
         feed_update_timestamp = cve_db.get_metadata_timestamp(provider_os=provider_os)
 

diff --git a/deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/event_monitor.py b/deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/event_monitor.py
@@ -240,17 +240,6 @@ def check_obtaining_software_failure_log(agent_id='000', num_attemps=5):
                                        f"{num_attemps} attempts. Skipping agent until the next scan.")
 
 
-def check_nvd_download_log(update_year):
-    """Check that the NVD download has started.
-
-    Args:
-        update_year (int): Year specified in <update_from_year>.
-    """
-    check_vuln_detector_event(timeout=vd.T_40, callback=fr".*Downloading .*nvdcve-\d.\d-{update_year}.meta.*",
-                              error_message='NVD feed download did not started',
-                              prefix=r'.*wazuh-modulesd:download.*')
-
-
 def check_invalid_provider_update_from_year_log(provider):
     """Check that the warning message is logged correctly.
 
@@ -259,8 +248,8 @@ def check_invalid_provider_update_from_year_log(provider):
     """
     if provider == 'redhat':
         callback = "INFO: 'update_from_year' option at module 'vulnerability-detector' is deprecated"
-    elif provider == 'msu':
-        callback = "WARNING: 'update_from_year' option cannot be used for 'msu' provider."
+    elif provider == 'msu' or provider == 'nvd':
+        callback = f"WARNING: 'update_from_year' option cannot be used for '{provider}' provider."
     else:
         callback = f"WARNING: Invalid option 'update_from_year' for '{provider}' provider at 'vulnerability-detector'"
 

diff --git a/...ulnerability_detector/test_vulnerability_detector_linux/data/playbooks/configuration.yaml b/...ulnerability_detector/test_vulnerability_detector_linux/data/playbooks/configuration.yaml
@@ -53,7 +53,6 @@
           <!-- Aggregate vulnerabilities -->
           <provider name="nvd">
           <enabled>yes</enabled>
-          <update_from_year>2021</update_from_year>
           <update_interval>1h</update_interval>
           </provider>
           </vulnerability-detector>

diff --git a/...nerability_detector/test_vulnerability_detector_windows/data/playbooks/configuration.yaml b/...nerability_detector/test_vulnerability_detector_windows/data/playbooks/configuration.yaml
@@ -66,7 +66,6 @@
           <!-- Aggregate vulnerabilities -->
           <provider name="nvd">
           <enabled>yes</enabled>
-          <update_from_year>2021</update_from_year>
           <update_interval>1h</update_interval>
           </provider>
           </vulnerability-detector>