arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updater: use a better link for Ubuntu vulnerabilities and rename some constants

Browse Source
This commit is contained in:
Quentin Machu 2016-02-08 13:37:52 -05:00 committed by Jimmy Zelinskie
parent 6f02119c56
commit 2126259c99
3 changed files with 18 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
updater/fetchers/debian/debian.go
View File

@ -31,9 +31,9 @@ import (
) )
const ( const (
url = "https://security-tracker.debian.org/tracker/data/json" url = "https://security-tracker.debian.org/tracker/data/json"
cveURLPrefix = "https://security-tracker.debian.org/tracker" cveURLPrefix = "https://security-tracker.debian.org/tracker"
debianUpdaterFlag = "debianUpdater" updaterFlag = "debianUpdater"
) )
var log = capnslog.NewPackageLogger("github.com/coreos/clair", "updater/fetchers/debian") var log = capnslog.NewPackageLogger("github.com/coreos/clair", "updater/fetchers/debian")
@ -71,7 +71,7 @@ func (fetcher *DebianFetcher) FetchUpdate(datastore database.Datastore) (resp up
} }
// Get the SHA-1 of the latest update's JSON data // Get the SHA-1 of the latest update's JSON data
latestHash, err := datastore.GetKeyValue(debianUpdaterFlag) latestHash, err := datastore.GetKeyValue(updaterFlag)
if err != nil { if err != nil {
return resp, err return resp, err
} }
@ -91,7 +91,7 @@ func buildResponse(jsonReader io.Reader, latestKnownHash string) (resp updater.F
// Defer the addition of flag information to the response. // Defer the addition of flag information to the response.
defer func() { defer func() {
if err == nil { if err == nil {
resp.FlagName = debianUpdaterFlag resp.FlagName = updaterFlag
resp.FlagValue = hash resp.FlagValue = hash
} }
}() }()

10
updater/fetchers/rhel/rhel.go
View File

@ -36,9 +36,9 @@ const (
firstRHEL5RHSA = 20070044 firstRHEL5RHSA = 20070044
firstConsideredRHEL = 5 firstConsideredRHEL = 5
ovalURI = "https://www.redhat.com/security/data/oval/" ovalURI = "https://www.redhat.com/security/data/oval/"
rhsaFilePrefix = "com.redhat.rhsa-" rhsaFilePrefix = "com.redhat.rhsa-"
rhelUpdaterFlag = "rhelUpdater" updaterFlag = "rhelUpdater"
) )
var ( var (
@ -96,7 +96,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
log.Info("fetching Red Hat vulnerabilities") log.Info("fetching Red Hat vulnerabilities")
// Get the first RHSA we have to manage. // Get the first RHSA we have to manage.
flagValue, err := datastore.GetKeyValue(rhelUpdaterFlag) flagValue, err := datastore.GetKeyValue(updaterFlag)
if err != nil { if err != nil {
return resp, err return resp, err
} }
@ -148,7 +148,7 @@ func (f *RHELFetcher) FetchUpdate(datastore database.Datastore) (resp updater.Fe
// Set the flag if we found anything. // Set the flag if we found anything.
if len(rhsaList) > 0 { if len(rhsaList) > 0 {
resp.FlagName = rhelUpdaterFlag resp.FlagName = updaterFlag
resp.FlagValue = strconv.Itoa(rhsaList[len(rhsaList)-1]) resp.FlagValue = strconv.Itoa(rhsaList[len(rhsaList)-1])
} else { } else {
log.Debug("no Red Hat update.") log.Debug("no Red Hat update.")

20
updater/fetchers/ubuntu/ubuntu.go
View File

@ -35,9 +35,10 @@ import (
) )
const ( const (
ubuntuTrackerURI = "https://launchpad.net/ubuntu-cve-tracker" trackerURI = "https://launchpad.net/ubuntu-cve-tracker"
ubuntuTracker = "lp:ubuntu-cve-tracker" trackerRepository = "lp:ubuntu-cve-tracker"
ubuntuUpdaterFlag = "ubuntuUpdater" updaterFlag = "ubuntuUpdater"
cveURL = "http://people.ubuntu.com/~ubuntu-security/cve/%s"
) )
var ( var (
@ -172,7 +173,7 @@ func (fetcher *UbuntuFetcher) FetchUpdate(datastore database.Datastore) (resp up
} }
// Add flag and notes. // Add flag and notes.
resp.FlagName = ubuntuUpdaterFlag resp.FlagName = updaterFlag
resp.FlagValue = strconv.Itoa(revisionNumber) resp.FlagValue = strconv.Itoa(revisionNumber)
for note := range notes { for note := range notes {
resp.Notes = append(resp.Notes, note) resp.Notes = append(resp.Notes, note)
@ -248,7 +249,7 @@ func collectModifiedVulnerabilities(revision int, dbRevision, repositoryLocalPat
func createRepository(pathToRepo string) error { func createRepository(pathToRepo string) error {
// Branch repository // Branch repository
out, err := utils.Exec("/tmp/", "bzr", "branch", ubuntuTracker, pathToRepo) out, err := utils.Exec("/tmp/", "bzr", "branch", trackerRepository, pathToRepo)
if err != nil { if err != nil {
log.Errorf("could not branch Ubuntu repository: %s. output: %s", err, out) log.Errorf("could not branch Ubuntu repository: %s. output: %s", err, out)
return cerrors.ErrCouldNotDownload return cerrors.ErrCouldNotDownload
@ -296,12 +297,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
// Parse the name. // Parse the name.
if strings.HasPrefix(line, "Candidate:") { if strings.HasPrefix(line, "Candidate:") {
vulnerability.Name = strings.TrimSpace(strings.TrimPrefix(line, "Candidate:")) vulnerability.Name = strings.TrimSpace(strings.TrimPrefix(line, "Candidate:"))
continue vulnerability.Link = fmt.Sprintf(cveURL, vulnerability.Name)
}
// Parse the link.
if vulnerability.Link == "" && strings.HasPrefix(line, "http") {
vulnerability.Link = strings.TrimSpace(line)
continue continue
} }
@ -395,7 +391,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability
// If no link has been provided (CVE-2006-NNN0 for instance), add the link to the tracker // If no link has been provided (CVE-2006-NNN0 for instance), add the link to the tracker
if vulnerability.Link == "" { if vulnerability.Link == "" {
vulnerability.Link = ubuntuTrackerURI vulnerability.Link = trackerURI
} }
// If no priority has been provided (CVE-2007-0667 for instance), set the priority to Unknown // If no priority has been provided (CVE-2007-0667 for instance), set the priority to Unknown