updater: use a better link for Ubuntu vulnerabilities and rename some constants

This commit is contained in:
Quentin Machu 2016-02-08 13:37:52 -05:00 committed by Jimmy Zelinskie
parent 6f02119c56
commit 2126259c99
3 changed files with 18 additions and 22 deletions

View File

@ -31,9 +31,9 @@ import (
)
const (
url = "https://security-tracker.debian.org/tracker/data/json"
cveURLPrefix = "https://security-tracker.debian.org/tracker"
debianUpdaterFlag = "debianUpdater"
url = "https://security-tracker.debian.org/tracker/data/json"
cveURLPrefix = "https://security-tracker.debian.org/tracker"
updaterFlag = "debianUpdater"
)
var log = capnslog.NewPackageLogger("github.com/coreos/clair", "updater/fetchers/debian")
@ -71,7 +71,7 @@ func (fetcher *DebianFetcher) FetchUpdate(datastore database.Datastore) (resp up
}
// Get the SHA-1 of the latest update's JSON data
latestHash, err := datastore.GetKeyValue(debianUpdaterFlag)
latestHash, err := datastore.GetKeyValue(updaterFlag)
if err != nil {
return resp, err
}
@ -91,7 +91,7 @@ func buildResponse(jsonReader io.Reader, latestKnownHash string) (resp updater.F
// Defer the addition of flag information to the response.
defer func() {
if err == nil {
resp.FlagName = debianUpdaterFlag
resp.FlagName = updaterFlag
resp.FlagValue = hash
}
}()

View File

@ -36,9 +36,9 @@ const (
firstRHEL5RHSA = 20070044
firstConsideredRHEL = 5
ovalURI = "https://www.redhat.com/security/data/oval/"
rhsaFilePrefix = "com.redhat.rhsa-"
rhelUpdaterFlag = "rhelUpdater"
ovalURI = "https://www.redhat.com/security/data/oval/"
rhsaFilePrefix = "com.redhat.rhsa-"
updaterFlag = "rhelUpdater"
)
var (
@ -96,7 +96,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
log.Info("fetching Red Hat vulnerabilities")
// Get the first RHSA we have to manage.
flagValue, err := datastore.GetKeyValue(rhelUpdaterFlag)
flagValue, err := datastore.GetKeyValue(updaterFlag)
if err != nil {
return resp, err
}
@ -148,7 +148,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
// Set the flag if we found anything.
if len(rhsaList) > 0 {
resp.FlagName = rhelUpdaterFlag
resp.FlagName = updaterFlag
resp.FlagValue = strconv.Itoa(rhsaList[len(rhsaList)-1])
} else {
log.Debug("no Red Hat update.")

View File

@ -35,9 +35,10 @@ import (
)
const (
ubuntuTrackerURI = "https://launchpad.net/ubuntu-cve-tracker"
ubuntuTracker = "lp:ubuntu-cve-tracker"
ubuntuUpdaterFlag = "ubuntuUpdater"
trackerURI = "https://launchpad.net/ubuntu-cve-tracker"
trackerRepository = "lp:ubuntu-cve-tracker"
updaterFlag = "ubuntuUpdater"
cveURL = "http://people.ubuntu.com/~ubuntu-security/cve/%s"
)
var (
@ -172,7 +173,7 @@ func (fetcher *UbuntuFetcher) FetchUpdate(datastore database.Datastore) (resp up
}
// Add flag and notes.
resp.FlagName = ubuntuUpdaterFlag
resp.FlagName = updaterFlag
resp.FlagValue = strconv.Itoa(revisionNumber)
for note := range notes {
resp.Notes = append(resp.Notes, note)
@ -248,7 +249,7 @@ func collectModifiedVulnerabilities(revision int, dbRevision, repositoryLocalPat
func createRepository(pathToRepo string) error {
// Branch repository
out, err := utils.Exec("/tmp/", "bzr", "branch", ubuntuTracker, pathToRepo)
out, err := utils.Exec("/tmp/", "bzr", "branch", trackerRepository, pathToRepo)
if err != nil {
log.Errorf("could not branch Ubuntu repository: %s. output: %s", err, out)
return cerrors.ErrCouldNotDownload
@ -296,12 +297,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
// Parse the name.
if strings.HasPrefix(line, "Candidate:") {
vulnerability.Name = strings.TrimSpace(strings.TrimPrefix(line, "Candidate:"))
continue
}
// Parse the link.
if vulnerability.Link == "" && strings.HasPrefix(line, "http") {
vulnerability.Link = strings.TrimSpace(line)
vulnerability.Link = fmt.Sprintf(cveURL, vulnerability.Name)
continue
}
@ -395,7 +391,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
// If no link has been provided (CVE-2006-NNN0 for instance), add the link to the tracker
if vulnerability.Link == "" {
vulnerability.Link = ubuntuTrackerURI
vulnerability.Link = trackerURI
}
// If no priority has been provided (CVE-2007-0667 for instance), set the priority to Unknown