updater: use a better link for Ubuntu vulnerabilities and rename some constants
This commit is contained in:
parent
6f02119c56
commit
2126259c99
@ -33,7 +33,7 @@ import (
|
|||||||
const (
|
const (
|
||||||
url = "https://security-tracker.debian.org/tracker/data/json"
|
url = "https://security-tracker.debian.org/tracker/data/json"
|
||||||
cveURLPrefix = "https://security-tracker.debian.org/tracker"
|
cveURLPrefix = "https://security-tracker.debian.org/tracker"
|
||||||
debianUpdaterFlag = "debianUpdater"
|
updaterFlag = "debianUpdater"
|
||||||
)
|
)
|
||||||
|
|
||||||
var log = capnslog.NewPackageLogger("github.com/coreos/clair", "updater/fetchers/debian")
|
var log = capnslog.NewPackageLogger("github.com/coreos/clair", "updater/fetchers/debian")
|
||||||
@ -71,7 +71,7 @@ func (fetcher *DebianFetcher) FetchUpdate(datastore database.Datastore) (resp up
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Get the SHA-1 of the latest update's JSON data
|
// Get the SHA-1 of the latest update's JSON data
|
||||||
latestHash, err := datastore.GetKeyValue(debianUpdaterFlag)
|
latestHash, err := datastore.GetKeyValue(updaterFlag)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
@ -91,7 +91,7 @@ func buildResponse(jsonReader io.Reader, latestKnownHash string) (resp updater.F
|
|||||||
// Defer the addition of flag information to the response.
|
// Defer the addition of flag information to the response.
|
||||||
defer func() {
|
defer func() {
|
||||||
if err == nil {
|
if err == nil {
|
||||||
resp.FlagName = debianUpdaterFlag
|
resp.FlagName = updaterFlag
|
||||||
resp.FlagValue = hash
|
resp.FlagValue = hash
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
@ -38,7 +38,7 @@ const (
|
|||||||
|
|
||||||
ovalURI = "https://www.redhat.com/security/data/oval/"
|
ovalURI = "https://www.redhat.com/security/data/oval/"
|
||||||
rhsaFilePrefix = "com.redhat.rhsa-"
|
rhsaFilePrefix = "com.redhat.rhsa-"
|
||||||
rhelUpdaterFlag = "rhelUpdater"
|
updaterFlag = "rhelUpdater"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -96,7 +96,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
|
|||||||
log.Info("fetching Red Hat vulnerabilities")
|
log.Info("fetching Red Hat vulnerabilities")
|
||||||
|
|
||||||
// Get the first RHSA we have to manage.
|
// Get the first RHSA we have to manage.
|
||||||
flagValue, err := datastore.GetKeyValue(rhelUpdaterFlag)
|
flagValue, err := datastore.GetKeyValue(updaterFlag)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
@ -148,7 +148,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
|
|||||||
|
|
||||||
// Set the flag if we found anything.
|
// Set the flag if we found anything.
|
||||||
if len(rhsaList) > 0 {
|
if len(rhsaList) > 0 {
|
||||||
resp.FlagName = rhelUpdaterFlag
|
resp.FlagName = updaterFlag
|
||||||
resp.FlagValue = strconv.Itoa(rhsaList[len(rhsaList)-1])
|
resp.FlagValue = strconv.Itoa(rhsaList[len(rhsaList)-1])
|
||||||
} else {
|
} else {
|
||||||
log.Debug("no Red Hat update.")
|
log.Debug("no Red Hat update.")
|
||||||
|
@ -35,9 +35,10 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
ubuntuTrackerURI = "https://launchpad.net/ubuntu-cve-tracker"
|
trackerURI = "https://launchpad.net/ubuntu-cve-tracker"
|
||||||
ubuntuTracker = "lp:ubuntu-cve-tracker"
|
trackerRepository = "lp:ubuntu-cve-tracker"
|
||||||
ubuntuUpdaterFlag = "ubuntuUpdater"
|
updaterFlag = "ubuntuUpdater"
|
||||||
|
cveURL = "http://people.ubuntu.com/~ubuntu-security/cve/%s"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -172,7 +173,7 @@ func (fetcher *UbuntuFetcher) FetchUpdate(datastore database.Datastore) (resp up
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Add flag and notes.
|
// Add flag and notes.
|
||||||
resp.FlagName = ubuntuUpdaterFlag
|
resp.FlagName = updaterFlag
|
||||||
resp.FlagValue = strconv.Itoa(revisionNumber)
|
resp.FlagValue = strconv.Itoa(revisionNumber)
|
||||||
for note := range notes {
|
for note := range notes {
|
||||||
resp.Notes = append(resp.Notes, note)
|
resp.Notes = append(resp.Notes, note)
|
||||||
@ -248,7 +249,7 @@ func collectModifiedVulnerabilities(revision int, dbRevision, repositoryLocalPat
|
|||||||
|
|
||||||
func createRepository(pathToRepo string) error {
|
func createRepository(pathToRepo string) error {
|
||||||
// Branch repository
|
// Branch repository
|
||||||
out, err := utils.Exec("/tmp/", "bzr", "branch", ubuntuTracker, pathToRepo)
|
out, err := utils.Exec("/tmp/", "bzr", "branch", trackerRepository, pathToRepo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("could not branch Ubuntu repository: %s. output: %s", err, out)
|
log.Errorf("could not branch Ubuntu repository: %s. output: %s", err, out)
|
||||||
return cerrors.ErrCouldNotDownload
|
return cerrors.ErrCouldNotDownload
|
||||||
@ -296,12 +297,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
|
|||||||
// Parse the name.
|
// Parse the name.
|
||||||
if strings.HasPrefix(line, "Candidate:") {
|
if strings.HasPrefix(line, "Candidate:") {
|
||||||
vulnerability.Name = strings.TrimSpace(strings.TrimPrefix(line, "Candidate:"))
|
vulnerability.Name = strings.TrimSpace(strings.TrimPrefix(line, "Candidate:"))
|
||||||
continue
|
vulnerability.Link = fmt.Sprintf(cveURL, vulnerability.Name)
|
||||||
}
|
|
||||||
|
|
||||||
// Parse the link.
|
|
||||||
if vulnerability.Link == "" && strings.HasPrefix(line, "http") {
|
|
||||||
vulnerability.Link = strings.TrimSpace(line)
|
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -395,7 +391,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
|
|||||||
|
|
||||||
// If no link has been provided (CVE-2006-NNN0 for instance), add the link to the tracker
|
// If no link has been provided (CVE-2006-NNN0 for instance), add the link to the tracker
|
||||||
if vulnerability.Link == "" {
|
if vulnerability.Link == "" {
|
||||||
vulnerability.Link = ubuntuTrackerURI
|
vulnerability.Link = trackerURI
|
||||||
}
|
}
|
||||||
|
|
||||||
// If no priority has been provided (CVE-2007-0667 for instance), set the priority to Unknown
|
// If no priority has been provided (CVE-2007-0667 for instance), set the priority to Unknown
|
||||||
|
Loading…
Reference in New Issue
Block a user