updater: use a better link for Ubuntu vulnerabilities and rename some constants

8 years ago · 2126259c99
parent 6f02119c56
commit 2126259c99
3 changed files with 18 additions and 22 deletions
--- a/updater/fetchers/debian/debian.go
+++ b/updater/fetchers/debian/debian.go
@ -31,9 +31,9 @@ import (
 )

 const (
-	url               = "https://security-tracker.debian.org/tracker/data/json"
-	cveURLPrefix      = "https://security-tracker.debian.org/tracker"
-	debianUpdaterFlag = "debianUpdater"
+	url          = "https://security-tracker.debian.org/tracker/data/json"
+	cveURLPrefix = "https://security-tracker.debian.org/tracker"
+	updaterFlag  = "debianUpdater"
 )

 var log = capnslog.NewPackageLogger("github.com/coreos/clair", "updater/fetchers/debian")
@ -71,7 +71,7 @@ func (fetcher *DebianFetcher) FetchUpdate(datastore database.Datastore) (resp up
 	}

 	// Get the SHA-1 of the latest update's JSON data
-	latestHash, err := datastore.GetKeyValue(debianUpdaterFlag)
+	latestHash, err := datastore.GetKeyValue(updaterFlag)
 	if err != nil {
 		return resp, err
 	}
@ -91,7 +91,7 @@ func buildResponse(jsonReader io.Reader, latestKnownHash string) (resp updater.F
 	// Defer the addition of flag information to the response.
 	defer func() {
 		if err == nil {
-			resp.FlagName = debianUpdaterFlag
+			resp.FlagName = updaterFlag
 			resp.FlagValue = hash
 		}
 	}()
--- a/updater/fetchers/rhel/rhel.go
+++ b/updater/fetchers/rhel/rhel.go
@ -36,9 +36,9 @@ const (
 	firstRHEL5RHSA      = 20070044
 	firstConsideredRHEL = 5

-	ovalURI         = "https://www.redhat.com/security/data/oval/"
-	rhsaFilePrefix  = "com.redhat.rhsa-"
-	rhelUpdaterFlag = "rhelUpdater"
+	ovalURI        = "https://www.redhat.com/security/data/oval/"
+	rhsaFilePrefix = "com.redhat.rhsa-"
+	updaterFlag    = "rhelUpdater"
 )

 var (
@ -96,7 +96,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
 	log.Info("fetching Red Hat vulnerabilities")

 	// Get the first RHSA we have to manage.
-	flagValue, err := datastore.GetKeyValue(rhelUpdaterFlag)
+	flagValue, err := datastore.GetKeyValue(updaterFlag)
 	if err != nil {
 		return resp, err
 	}
@ -148,7 +148,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe

 	// Set the flag if we found anything.
 	if len(rhsaList) > 0 {
-		resp.FlagName = rhelUpdaterFlag
+		resp.FlagName = updaterFlag
 		resp.FlagValue = strconv.Itoa(rhsaList[len(rhsaList)-1])
 	} else {
 		log.Debug("no Red Hat update.")
--- a/updater/fetchers/ubuntu/ubuntu.go
+++ b/updater/fetchers/ubuntu/ubuntu.go
@ -35,9 +35,10 @@ import (
 )

 const (
-	ubuntuTrackerURI  = "https://launchpad.net/ubuntu-cve-tracker"
-	ubuntuTracker     = "lp:ubuntu-cve-tracker"
-	ubuntuUpdaterFlag = "ubuntuUpdater"
+	trackerURI        = "https://launchpad.net/ubuntu-cve-tracker"
+	trackerRepository = "lp:ubuntu-cve-tracker"
+	updaterFlag       = "ubuntuUpdater"
+	cveURL            = "http://people.ubuntu.com/~ubuntu-security/cve/%s"
 )

 var (
@ -172,7 +173,7 @@ func (fetcher *UbuntuFetcher) FetchUpdate(datastore database.Datastore) (resp up
 	}

 	// Add flag and notes.
-	resp.FlagName = ubuntuUpdaterFlag
+	resp.FlagName = updaterFlag
 	resp.FlagValue = strconv.Itoa(revisionNumber)
 	for note := range notes {
 		resp.Notes = append(resp.Notes, note)
@ -248,7 +249,7 @@ func collectModifiedVulnerabilities(revision int, dbRevision, repositoryLocalPat

 func createRepository(pathToRepo string) error {
 	// Branch repository
-	out, err := utils.Exec("/tmp/", "bzr", "branch", ubuntuTracker, pathToRepo)
+	out, err := utils.Exec("/tmp/", "bzr", "branch", trackerRepository, pathToRepo)
 	if err != nil {
 		log.Errorf("could not branch Ubuntu repository: %s. output: %s", err, out)
 		return cerrors.ErrCouldNotDownload
@ -296,12 +297,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
 		// Parse the name.
 		if strings.HasPrefix(line, "Candidate:") {
 			vulnerability.Name = strings.TrimSpace(strings.TrimPrefix(line, "Candidate:"))
-			continue
-		}
-
-		// Parse the link.
-		if vulnerability.Link == "" && strings.HasPrefix(line, "http") {
-			vulnerability.Link = strings.TrimSpace(line)
+			vulnerability.Link = fmt.Sprintf(cveURL, vulnerability.Name)
 			continue
 		}

@ -395,7 +391,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability

 	// If no link has been provided (CVE-2006-NNN0 for instance), add the link to the tracker
 	if vulnerability.Link == "" {
-		vulnerability.Link = ubuntuTrackerURI
+		vulnerability.Link = trackerURI
 	}

 	// If no priority has been provided (CVE-2007-0667 for instance), set the priority to Unknown