Merge pull request #671 from ericysim/amazon
Add updaters for Amazon Linux 2018.03 and Amazon Linux 2
This commit is contained in:
commit
5fef44dd04
@ -17,21 +17,23 @@ All of these components can be found in the `ext/` directory.
|
||||
|
||||
## Data Sources for the built-in drivers
|
||||
|
||||
| Data Source | Data Collected | Format | License |
|
||||
|-------------------------------|--------------------------------------------------------------------------|--------|-----------------|
|
||||
| [Debian Security Bug Tracker] | Debian 6, 7, 8, unstable namespaces | [dpkg] | [Debian] |
|
||||
| [Ubuntu CVE Tracker] | Ubuntu 12.04, 12.10, 13.04, 14.04, 14.10, 15.04, 15.10, 16.04 namespaces | [dpkg] | [GPLv2] |
|
||||
| [Red Hat Security Data] | CentOS 5, 6, 7 namespaces | [rpm] | [CVRF] |
|
||||
| [Oracle Linux Security Data] | Oracle Linux 5, 6, 7 namespaces | [rpm] | [CVRF] |
|
||||
| [SUSE OVAL Descriptions] | openSUSE, SUSE Linux Enterprise namespaces | [rpm] | [CC-BY-NC-4.0] |
|
||||
| [Alpine SecDB] | Alpine 3.3, Alpine 3.4, Alpine 3.5 namespaces | [apk] | [MIT] |
|
||||
| [NIST NVD] | Generic Vulnerability Metadata | N/A | [Public Domain] |
|
||||
| Data Source | Data Collected | Format | License |
|
||||
|------------------------------------|--------------------------------------------------------------------------|--------|-----------------|
|
||||
| [Debian Security Bug Tracker] | Debian 6, 7, 8, unstable namespaces | [dpkg] | [Debian] |
|
||||
| [Ubuntu CVE Tracker] | Ubuntu 12.04, 12.10, 13.04, 14.04, 14.10, 15.04, 15.10, 16.04 namespaces | [dpkg] | [GPLv2] |
|
||||
| [Red Hat Security Data] | CentOS 5, 6, 7 namespaces | [rpm] | [CVRF] |
|
||||
| [Oracle Linux Security Data] | Oracle Linux 5, 6, 7 namespaces | [rpm] | [CVRF] |
|
||||
| [Amazon Linux Security Advisories] | Amazon Linux 2018.03, 2 namespaces | [rpm] | [MIT-0] |
|
||||
| [SUSE OVAL Descriptions] | openSUSE, SUSE Linux Enterprise namespaces | [rpm] | [CC-BY-NC-4.0] |
|
||||
| [Alpine SecDB] | Alpine 3.3, Alpine 3.4, Alpine 3.5 namespaces | [apk] | [MIT] |
|
||||
| [NIST NVD] | Generic Vulnerability Metadata | N/A | [Public Domain] |
|
||||
|
||||
[Debian Security Bug Tracker]: https://security-tracker.debian.org/tracker
|
||||
[Ubuntu CVE Tracker]: https://launchpad.net/ubuntu-cve-tracker
|
||||
[Red Hat Security Data]: https://www.redhat.com/security/data/metrics
|
||||
[Oracle Linux Security Data]: https://linux.oracle.com/security/
|
||||
[SUSE OVAL Descriptions]: https://www.suse.com/de-de/support/security/oval/
|
||||
[Amazon Linux Security Advisories]: https://alas.aws.amazon.com/
|
||||
[NIST NVD]: https://nvd.nist.gov
|
||||
[dpkg]: https://en.wikipedia.org/wiki/dpkg
|
||||
[rpm]: http://www.rpm.org
|
||||
@ -42,6 +44,7 @@ All of these components can be found in the `ext/` directory.
|
||||
[Alpine SecDB]: http://git.alpinelinux.org/cgit/alpine-secdb/
|
||||
[apk]: http://git.alpinelinux.org/cgit/apk-tools/
|
||||
[MIT]: https://gist.github.com/jzelinskie/6da1e2da728424d88518be2adbd76979
|
||||
[MIT-0]: https://spdx.org/licenses/MIT-0.html
|
||||
[CC-BY-NC-4.0]: https://creativecommons.org/licenses/by-nc/4.0/]
|
||||
|
||||
## Adding new drivers
|
||||
|
@ -52,6 +52,7 @@ import (
|
||||
_ "github.com/coreos/clair/ext/notification/webhook"
|
||||
_ "github.com/coreos/clair/ext/vulnmdsrc/nvd"
|
||||
_ "github.com/coreos/clair/ext/vulnsrc/alpine"
|
||||
_ "github.com/coreos/clair/ext/vulnsrc/amzn"
|
||||
_ "github.com/coreos/clair/ext/vulnsrc/debian"
|
||||
_ "github.com/coreos/clair/ext/vulnsrc/oracle"
|
||||
_ "github.com/coreos/clair/ext/vulnsrc/rhel"
|
||||
|
349
ext/vulnsrc/amzn/amzn.go
Normal file
349
ext/vulnsrc/amzn/amzn.go
Normal file
@ -0,0 +1,349 @@
|
||||
// Copyright 2019 clair authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Package amzn implements a vulnerability source updater using
|
||||
// ALAS (Amazon Linux Security Advisories).
|
||||
package amzn
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"compress/gzip"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
"io"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
"github.com/coreos/clair/database"
|
||||
"github.com/coreos/clair/ext/versionfmt"
|
||||
"github.com/coreos/clair/ext/versionfmt/rpm"
|
||||
"github.com/coreos/clair/ext/vulnsrc"
|
||||
"github.com/coreos/clair/pkg/commonerr"
|
||||
"github.com/coreos/clair/pkg/httputil"
|
||||
)
|
||||
|
||||
const (
|
||||
amazonLinux1UpdaterFlag = "amazonLinux1Updater"
|
||||
amazonLinux1MirrorListURI = "http://repo.us-west-2.amazonaws.com/2018.03/updates/x86_64/mirror.list"
|
||||
amazonLinux1Name = "Amazon Linux 2018.03"
|
||||
amazonLinux1Namespace = "amzn:2018.03"
|
||||
amazonLinux1LinkFormat = "https://alas.aws.amazon.com/%s.html"
|
||||
|
||||
amazonLinux2UpdaterFlag = "amazonLinux2Updater"
|
||||
amazonLinux2MirrorListURI = "https://cdn.amazonlinux.com/2/core/latest/x86_64/mirror.list"
|
||||
amazonLinux2Name = "Amazon Linux 2"
|
||||
amazonLinux2Namespace = "amzn:2"
|
||||
amazonLinux2LinkFormat = "https://alas.aws.amazon.com/AL2/%s.html"
|
||||
)
|
||||
|
||||
type updater struct {
|
||||
UpdaterFlag string
|
||||
MirrorListURI string
|
||||
Name string
|
||||
Namespace string
|
||||
LinkFormat string
|
||||
}
|
||||
|
||||
func init() {
|
||||
// Register updater for Amazon Linux 2018.03.
|
||||
amazonLinux1Updater := updater{
|
||||
UpdaterFlag: amazonLinux1UpdaterFlag,
|
||||
MirrorListURI: amazonLinux1MirrorListURI,
|
||||
Name: amazonLinux1Name,
|
||||
Namespace: amazonLinux1Namespace,
|
||||
LinkFormat: amazonLinux1LinkFormat,
|
||||
}
|
||||
vulnsrc.RegisterUpdater("amzn1", &amazonLinux1Updater)
|
||||
|
||||
// Register updater for Amazon Linux 2.
|
||||
amazonLinux2Updater := updater{
|
||||
UpdaterFlag: amazonLinux2UpdaterFlag,
|
||||
MirrorListURI: amazonLinux2MirrorListURI,
|
||||
Name: amazonLinux2Name,
|
||||
Namespace: amazonLinux2Namespace,
|
||||
LinkFormat: amazonLinux2LinkFormat,
|
||||
}
|
||||
vulnsrc.RegisterUpdater("amzn2", &amazonLinux2Updater)
|
||||
}
|
||||
|
||||
func (u *updater) Update(datastore database.Datastore) (vulnsrc.UpdateResponse, error) {
|
||||
log.WithField("package", u.Name).Info("Start fetching vulnerabilities")
|
||||
|
||||
// Get the flag value (the timestamp of the latest ALAS of the previous update).
|
||||
flagValue, found, err := database.FindKeyValueAndRollback(datastore, u.UpdaterFlag)
|
||||
if err != nil {
|
||||
return vulnsrc.UpdateResponse{}, err
|
||||
}
|
||||
|
||||
if !found {
|
||||
flagValue = ""
|
||||
}
|
||||
|
||||
var timestamp string
|
||||
|
||||
// Get the ALASs from updateinfo.xml.gz from the repos.
|
||||
updateInfo, err := u.getUpdateInfo()
|
||||
if err != nil {
|
||||
return vulnsrc.UpdateResponse{}, err
|
||||
}
|
||||
|
||||
// Get the ALASs which were issued/updated since the previous update.
|
||||
var alasList []ALAS
|
||||
for _, alas := range updateInfo.ALASList {
|
||||
if compareTimestamp(alas.Updated.Date, flagValue) > 0 {
|
||||
alasList = append(alasList, alas)
|
||||
|
||||
if compareTimestamp(alas.Updated.Date, timestamp) > 0 {
|
||||
timestamp = alas.Updated.Date
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Get the vulnerabilities.
|
||||
vulnerabilities := u.alasListToVulnerabilities(alasList)
|
||||
|
||||
response := vulnsrc.UpdateResponse{
|
||||
Vulnerabilities: vulnerabilities,
|
||||
}
|
||||
|
||||
// Set the flag value.
|
||||
if timestamp != "" {
|
||||
response.FlagName = u.UpdaterFlag
|
||||
response.FlagValue = timestamp
|
||||
} else {
|
||||
log.WithField("package", u.Name).Debug("no update")
|
||||
}
|
||||
|
||||
return response, err
|
||||
}
|
||||
|
||||
func (u *updater) Clean() {
|
||||
|
||||
}
|
||||
|
||||
func (u *updater) getUpdateInfo() (UpdateInfo, error) {
|
||||
// Get the URI of updateinfo.xml.gz.
|
||||
updateInfoURI, err := u.getUpdateInfoURI()
|
||||
if err != nil {
|
||||
return UpdateInfo{}, err
|
||||
}
|
||||
|
||||
// Download updateinfo.xml.gz.
|
||||
updateInfoResponse, err := httputil.GetWithUserAgent(updateInfoURI)
|
||||
if err != nil {
|
||||
log.WithError(err).Error("could not download updateinfo.xml.gz")
|
||||
return UpdateInfo{}, commonerr.ErrCouldNotDownload
|
||||
}
|
||||
defer updateInfoResponse.Body.Close()
|
||||
|
||||
if !httputil.Status2xx(updateInfoResponse) {
|
||||
log.WithField("StatusCode", updateInfoResponse.StatusCode).Error("could not download updateinfo.xml.gz")
|
||||
return UpdateInfo{}, commonerr.ErrCouldNotDownload
|
||||
}
|
||||
|
||||
// Decompress updateinfo.xml.gz.
|
||||
updateInfoXml, err := gzip.NewReader(updateInfoResponse.Body)
|
||||
if err != nil {
|
||||
log.WithError(err).Error("could not decompress updateinfo.xml.gz")
|
||||
return UpdateInfo{}, commonerr.ErrCouldNotParse
|
||||
}
|
||||
defer updateInfoXml.Close()
|
||||
|
||||
// Decode updateinfo.xml.
|
||||
updateInfo, err := decodeUpdateInfo(updateInfoXml)
|
||||
if err != nil {
|
||||
log.WithError(err).Error("could not decode updateinfo.xml")
|
||||
return UpdateInfo{}, commonerr.ErrCouldNotParse
|
||||
}
|
||||
|
||||
return updateInfo, nil
|
||||
}
|
||||
|
||||
func (u *updater) getUpdateInfoURI() (string, error) {
|
||||
// Download mirror.list
|
||||
mirrorListResponse, err := httputil.GetWithUserAgent(u.MirrorListURI)
|
||||
if err != nil {
|
||||
log.WithError(err).Error("could not download mirror list")
|
||||
return "", commonerr.ErrCouldNotDownload
|
||||
}
|
||||
defer mirrorListResponse.Body.Close()
|
||||
|
||||
if !httputil.Status2xx(mirrorListResponse) {
|
||||
log.WithField("StatusCode", mirrorListResponse.StatusCode).Error("could not download mirror list")
|
||||
return "", commonerr.ErrCouldNotDownload
|
||||
}
|
||||
|
||||
// Parse the URI of the first mirror.
|
||||
scanner := bufio.NewScanner(mirrorListResponse.Body)
|
||||
success := scanner.Scan()
|
||||
if success != true {
|
||||
log.WithError(err).Error("could not parse mirror list")
|
||||
}
|
||||
mirrorURI := scanner.Text()
|
||||
|
||||
// Download repomd.xml.
|
||||
repoMdURI := mirrorURI + "/repodata/repomd.xml"
|
||||
repoMdResponse, err := httputil.GetWithUserAgent(repoMdURI)
|
||||
if err != nil {
|
||||
log.WithError(err).Error("could not download repomd.xml")
|
||||
return "", commonerr.ErrCouldNotDownload
|
||||
}
|
||||
defer repoMdResponse.Body.Close()
|
||||
|
||||
if !httputil.Status2xx(repoMdResponse) {
|
||||
log.WithField("StatusCode", repoMdResponse.StatusCode).Error("could not download repomd.xml")
|
||||
return "", commonerr.ErrCouldNotDownload
|
||||
}
|
||||
|
||||
// Decode repomd.xml.
|
||||
var repoMd RepoMd
|
||||
err = xml.NewDecoder(repoMdResponse.Body).Decode(&repoMd)
|
||||
if err != nil {
|
||||
log.WithError(err).Error("could not decode repomd.xml")
|
||||
return "", commonerr.ErrCouldNotDownload
|
||||
}
|
||||
|
||||
// Parse the URI of updateinfo.xml.gz.
|
||||
var updateInfoURI string
|
||||
for _, repo := range repoMd.RepoList {
|
||||
if repo.Type == "updateinfo" {
|
||||
updateInfoURI = mirrorURI + "/" + repo.Location.Href
|
||||
break
|
||||
}
|
||||
}
|
||||
if updateInfoURI == "" {
|
||||
log.Error("could not find updateinfo in repomd.xml")
|
||||
return "", commonerr.ErrCouldNotDownload
|
||||
}
|
||||
|
||||
return updateInfoURI, nil
|
||||
}
|
||||
|
||||
func decodeUpdateInfo(updateInfoReader io.Reader) (UpdateInfo, error) {
|
||||
var updateInfo UpdateInfo
|
||||
err := xml.NewDecoder(updateInfoReader).Decode(&updateInfo)
|
||||
if err != nil {
|
||||
return updateInfo, err
|
||||
}
|
||||
|
||||
return updateInfo, nil
|
||||
}
|
||||
|
||||
func (u *updater) alasListToVulnerabilities(alasList []ALAS) []database.VulnerabilityWithAffected {
|
||||
var vulnerabilities []database.VulnerabilityWithAffected
|
||||
for _, alas := range alasList {
|
||||
featureVersions := u.alasToFeatureVersions(alas)
|
||||
if len(featureVersions) > 0 {
|
||||
vulnerability := database.VulnerabilityWithAffected{
|
||||
Vulnerability: database.Vulnerability{
|
||||
Name: u.alasToName(alas),
|
||||
Link: u.alasToLink(alas),
|
||||
Severity: u.alasToSeverity(alas),
|
||||
Description: u.alasToDescription(alas),
|
||||
},
|
||||
Affected: featureVersions,
|
||||
}
|
||||
vulnerabilities = append(vulnerabilities, vulnerability)
|
||||
}
|
||||
}
|
||||
|
||||
return vulnerabilities
|
||||
}
|
||||
|
||||
func (u *updater) alasToName(alas ALAS) string {
|
||||
return alas.Id
|
||||
}
|
||||
|
||||
func (u *updater) alasToLink(alas ALAS) string {
|
||||
if u.Name == amazonLinux1Name {
|
||||
return fmt.Sprintf(u.LinkFormat, alas.Id)
|
||||
}
|
||||
|
||||
if u.Name == amazonLinux2Name {
|
||||
// "ALAS2-2018-1097" becomes "https://alas.aws.amazon.com/AL2/ALAS-2018-1097.html".
|
||||
re := regexp.MustCompile(`^ALAS2-(.+)$`)
|
||||
return fmt.Sprintf(u.LinkFormat, "ALAS-"+re.FindStringSubmatch(alas.Id)[1])
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
func (u *updater) alasToSeverity(alas ALAS) database.Severity {
|
||||
switch alas.Severity {
|
||||
case "low":
|
||||
return database.LowSeverity
|
||||
case "medium":
|
||||
return database.MediumSeverity
|
||||
case "important":
|
||||
return database.HighSeverity
|
||||
case "critical":
|
||||
return database.CriticalSeverity
|
||||
default:
|
||||
log.WithField("severity", alas.Severity).Warning("could not determine vulnerability severity")
|
||||
return database.UnknownSeverity
|
||||
}
|
||||
}
|
||||
|
||||
func (u *updater) alasToDescription(alas ALAS) string {
|
||||
re := regexp.MustCompile(`\s+`)
|
||||
return re.ReplaceAllString(strings.TrimSpace(alas.Description), " ")
|
||||
}
|
||||
|
||||
func (u *updater) alasToFeatureVersions(alas ALAS) []database.AffectedFeature {
|
||||
var featureVersions []database.AffectedFeature
|
||||
for _, p := range alas.Packages {
|
||||
var version string
|
||||
if p.Epoch == "0" {
|
||||
version = p.Version + "-" + p.Release
|
||||
} else {
|
||||
version = p.Epoch + ":" + p.Version + "-" + p.Release
|
||||
}
|
||||
err := versionfmt.Valid(rpm.ParserName, version)
|
||||
if err != nil {
|
||||
log.WithError(err).WithField("version", version).Warning("could not parse package version. skipping")
|
||||
continue
|
||||
}
|
||||
|
||||
featureVersion := database.AffectedFeature{
|
||||
Namespace: database.Namespace{
|
||||
Name: u.Namespace,
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: p.Name,
|
||||
AffectedVersion: version,
|
||||
FeatureType: database.BinaryPackage,
|
||||
}
|
||||
|
||||
if version != versionfmt.MaxVersion {
|
||||
featureVersion.FixedInVersion = version
|
||||
}
|
||||
|
||||
featureVersions = append(featureVersions, featureVersion)
|
||||
}
|
||||
|
||||
return featureVersions
|
||||
}
|
||||
|
||||
func compareTimestamp(date0 string, date1 string) int {
|
||||
// format: YYYY-MM-DD hh:mm
|
||||
if date0 < date1 {
|
||||
return -1
|
||||
} else if date0 > date1 {
|
||||
return 1
|
||||
} else {
|
||||
return 0
|
||||
}
|
||||
}
|
213
ext/vulnsrc/amzn/amzn_test.go
Normal file
213
ext/vulnsrc/amzn/amzn_test.go
Normal file
@ -0,0 +1,213 @@
|
||||
// Copyright 2017 clair authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package amzn
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"runtime"
|
||||
"testing"
|
||||
|
||||
"github.com/coreos/clair/database"
|
||||
"github.com/coreos/clair/ext/versionfmt/rpm"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func TestAmazonLinux1(t *testing.T) {
|
||||
amazonLinux1Updater := updater{
|
||||
MirrorListURI: "http://repo.us-west-2.amazonaws.com/2018.03/updates/x86_64/mirror.list",
|
||||
Name: "Amazon Linux 2018.03",
|
||||
Namespace: "amzn:2018.03",
|
||||
UpdaterFlag: "amazonLinux1Updater",
|
||||
LinkFormat: "https://alas.aws.amazon.com/%s.html",
|
||||
}
|
||||
|
||||
_, filename, _, _ := runtime.Caller(0)
|
||||
path := filepath.Join(filepath.Dir(filename))
|
||||
|
||||
expectedDescription0Bytes, err := ioutil.ReadFile(path + "/testdata/amazon_linux_1_description_0.txt")
|
||||
expectedDescription0 := string(expectedDescription0Bytes)
|
||||
|
||||
expectedDescription1Bytes, _ := ioutil.ReadFile(path + "/testdata/amazon_linux_1_description_1.txt")
|
||||
expectedDescription1 := string(expectedDescription1Bytes)
|
||||
|
||||
updateInfoXml, _ := os.Open(path + "/testdata/amazon_linux_1_updateinfo.xml")
|
||||
defer updateInfoXml.Close()
|
||||
|
||||
updateInfo, err := decodeUpdateInfo(updateInfoXml)
|
||||
assert.Nil(t, err)
|
||||
|
||||
vulnerabilities := amazonLinux1Updater.alasListToVulnerabilities(updateInfo.ALASList)
|
||||
|
||||
assert.Equal(t, "ALAS-2011-1", vulnerabilities[0].Name)
|
||||
assert.Equal(t, "https://alas.aws.amazon.com/ALAS-2011-1.html", vulnerabilities[0].Link)
|
||||
assert.Equal(t, database.MediumSeverity, vulnerabilities[0].Severity)
|
||||
assert.Equal(t, expectedDescription0, vulnerabilities[0].Description)
|
||||
assert.Equal(t, 11, len(vulnerabilities[0].Affected))
|
||||
|
||||
expectedFeatureVersions0 := []database.AffectedFeature{
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2018.03",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "httpd-devel",
|
||||
AffectedVersion: "2.2.21-1.18.amzn1",
|
||||
FixedInVersion: "2.2.21-1.18.amzn1",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2018.03",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "httpd-debuginfo",
|
||||
AffectedVersion: "2.2.21-1.18.amzn1",
|
||||
FixedInVersion: "2.2.21-1.18.amzn1",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions0 {
|
||||
assert.Contains(t, vulnerabilities[0].Affected, expectedFeatureVersion)
|
||||
}
|
||||
|
||||
assert.Equal(t, "ALAS-2011-2", vulnerabilities[1].Name)
|
||||
assert.Equal(t, "https://alas.aws.amazon.com/ALAS-2011-2.html", vulnerabilities[1].Link)
|
||||
assert.Equal(t, database.HighSeverity, vulnerabilities[1].Severity)
|
||||
assert.Equal(t, expectedDescription1, vulnerabilities[1].Description)
|
||||
assert.Equal(t, 8, len(vulnerabilities[1].Affected))
|
||||
|
||||
expectedFeatureVersions1 := []database.AffectedFeature{
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2018.03",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "cyrus-imapd-debuginfo",
|
||||
AffectedVersion: "2.3.16-6.4.amzn1",
|
||||
FixedInVersion: "2.3.16-6.4.amzn1",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2018.03",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "cyrus-imapd-utils",
|
||||
AffectedVersion: "2.3.16-6.4.amzn1",
|
||||
FixedInVersion: "2.3.16-6.4.amzn1",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions1 {
|
||||
assert.Contains(t, vulnerabilities[1].Affected, expectedFeatureVersion)
|
||||
}
|
||||
}
|
||||
|
||||
func TestAmazonLinux2(t *testing.T) {
|
||||
amazonLinux2Updater := updater{
|
||||
MirrorListURI: "https://cdn.amazonlinux.com/2/core/latest/x86_64/mirror.list",
|
||||
Name: "Amazon Linux 2",
|
||||
Namespace: "amzn:2",
|
||||
UpdaterFlag: "amazonLinux2Updater",
|
||||
LinkFormat: "https://alas.aws.amazon.com/AL2/%s.html",
|
||||
}
|
||||
|
||||
_, filename, _, _ := runtime.Caller(0)
|
||||
path := filepath.Join(filepath.Dir(filename))
|
||||
|
||||
description0Bytes, _ := ioutil.ReadFile(path + "/testdata/amazon_linux_2_description_0.txt")
|
||||
expectedDescription0 := string(description0Bytes)
|
||||
|
||||
description1Bytes, _ := ioutil.ReadFile(path + "/testdata/amazon_linux_2_description_1.txt")
|
||||
expectedDescription1 := string(description1Bytes)
|
||||
|
||||
updateInfoXml, _ := os.Open(path + "/testdata/amazon_linux_2_updateinfo.xml")
|
||||
defer updateInfoXml.Close()
|
||||
|
||||
updateInfo, err := decodeUpdateInfo(updateInfoXml)
|
||||
assert.Nil(t, err)
|
||||
|
||||
vulnerabilities := amazonLinux2Updater.alasListToVulnerabilities(updateInfo.ALASList)
|
||||
|
||||
assert.Equal(t, "ALAS2-2018-939", vulnerabilities[0].Name)
|
||||
assert.Equal(t, "https://alas.aws.amazon.com/AL2/ALAS-2018-939.html", vulnerabilities[0].Link)
|
||||
assert.Equal(t, database.CriticalSeverity, vulnerabilities[0].Severity)
|
||||
assert.Equal(t, expectedDescription0, vulnerabilities[0].Description)
|
||||
assert.Equal(t, 13, len(vulnerabilities[0].Affected))
|
||||
|
||||
expectedFeatureVersions0 := []database.AffectedFeature{
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "kernel",
|
||||
AffectedVersion: "4.9.76-38.79.amzn2",
|
||||
FixedInVersion: "4.9.76-38.79.amzn2",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "kernel-headers",
|
||||
AffectedVersion: "4.9.76-38.79.amzn2",
|
||||
FixedInVersion: "4.9.76-38.79.amzn2",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions0 {
|
||||
assert.Contains(t, vulnerabilities[0].Affected, expectedFeatureVersion)
|
||||
}
|
||||
|
||||
assert.Equal(t, "ALAS2-2018-942", vulnerabilities[1].Name)
|
||||
assert.Equal(t, "https://alas.aws.amazon.com/AL2/ALAS-2018-942.html", vulnerabilities[1].Link)
|
||||
assert.Equal(t, database.HighSeverity, vulnerabilities[1].Severity)
|
||||
assert.Equal(t, expectedDescription1, vulnerabilities[1].Description)
|
||||
assert.Equal(t, 5, len(vulnerabilities[1].Affected))
|
||||
|
||||
expectedFeatureVersions1 := []database.AffectedFeature{
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "qemu-kvm",
|
||||
AffectedVersion: "10:1.5.3-141.amzn2.5.3",
|
||||
FixedInVersion: "10:1.5.3-141.amzn2.5.3",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
{
|
||||
Namespace: database.Namespace{
|
||||
Name: "amzn:2",
|
||||
VersionFormat: rpm.ParserName,
|
||||
},
|
||||
FeatureName: "qemu-img",
|
||||
AffectedVersion: "10:1.5.3-141.amzn2.5.3",
|
||||
FixedInVersion: "10:1.5.3-141.amzn2.5.3",
|
||||
FeatureType: database.BinaryPackage,
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions1 {
|
||||
assert.Contains(t, vulnerabilities[1].Affected, expectedFeatureVersion)
|
||||
}
|
||||
}
|
28
ext/vulnsrc/amzn/repomd.go
Normal file
28
ext/vulnsrc/amzn/repomd.go
Normal file
@ -0,0 +1,28 @@
|
||||
// Copyright 2017 clair authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package amzn
|
||||
|
||||
type RepoMd struct {
|
||||
RepoList []Repo `xml:"data"`
|
||||
}
|
||||
|
||||
type Repo struct {
|
||||
Type string `xml:"type,attr"`
|
||||
Location Location `xml:"location"`
|
||||
}
|
||||
|
||||
type Location struct {
|
||||
Href string `xml:"href,attr"`
|
||||
}
|
1
ext/vulnsrc/amzn/testdata/amazon_linux_1_description_0.txt
vendored
Normal file
1
ext/vulnsrc/amzn/testdata/amazon_linux_1_description_0.txt
vendored
Normal file
@ -0,0 +1 @@
|
||||
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities: CVE-2011-3192: A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
|
1
ext/vulnsrc/amzn/testdata/amazon_linux_1_description_1.txt
vendored
Normal file
1
ext/vulnsrc/amzn/testdata/amazon_linux_1_description_1.txt
vendored
Normal file
@ -0,0 +1 @@
|
||||
Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2011-3208: Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user.
|
104
ext/vulnsrc/amzn/testdata/amazon_linux_1_updateinfo.xml
vendored
Normal file
104
ext/vulnsrc/amzn/testdata/amazon_linux_1_updateinfo.xml
vendored
Normal file
@ -0,0 +1,104 @@
|
||||
<?xml version="1.0" ?>
|
||||
<updates>
|
||||
<update author="linux-security@amazon.com" from="linux-security@amazon.com" status="final" type="security" version="1.4">
|
||||
<id>ALAS-2011-1</id>
|
||||
<title>Amazon Linux AMI 2011.09 - ALAS-2011-1: medium priority package update for httpd</title>
|
||||
<issued date="2011-09-27 22:46" />
|
||||
<updated date="2014-09-14 14:25" />
|
||||
<severity>medium</severity>
|
||||
<description>
|
||||
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
|
||||
CVE-2011-3192:
|
||||
A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header.
|
||||
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
|
||||
</description>
|
||||
<references>
|
||||
<reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192" id="CVE-2011-3192" title="" type="cve" />
|
||||
<reference href="https://rhn.redhat.com/errata/RHSA-2011:1245.html" id="RHSA-2011:1245" title="" type="redhat" />
|
||||
</references>
|
||||
<pkglist>
|
||||
<collection short="amazon-linux-ami">
|
||||
<name>Amazon Linux AMI</name>
|
||||
<package arch="i686" epoch="0" name="httpd-devel" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-devel-2.2.21-1.18.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="0" name="httpd-debuginfo" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-debuginfo-2.2.21-1.18.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="0" name="httpd" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-2.2.21-1.18.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="0" name="httpd-tools" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-tools-2.2.21-1.18.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="1" name="mod_ssl" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/mod_ssl-2.2.21-1.18.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="1" name="mod_ssl" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/mod_ssl-2.2.21-1.18.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="httpd-tools" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-tools-2.2.21-1.18.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="httpd" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-2.2.21-1.18.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="httpd-devel" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-devel-2.2.21-1.18.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="httpd-debuginfo" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-debuginfo-2.2.21-1.18.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="noarch" epoch="0" name="httpd-manual" release="1.18.amzn1" version="2.2.21">
|
||||
<filename>Packages/httpd-manual-2.2.21-1.18.amzn1.noarch.rpm</filename>
|
||||
</package>
|
||||
</collection>
|
||||
</pkglist>
|
||||
</update>
|
||||
<update author="linux-security@amazon.com" from="linux-security@amazon.com" status="final" type="security" version="1.4">
|
||||
<id>ALAS-2011-2</id>
|
||||
<title>Amazon Linux - ALAS-2011-2: important priority package update for cyrus-imapd</title>
|
||||
<issued date="2011-10-10 22:29" />
|
||||
<updated date="2014-09-14 14:25" />
|
||||
<severity>important</severity>
|
||||
<description>
|
||||
Package updates are available for Amazon Linux that fix the following vulnerabilities:
|
||||
CVE-2011-3208:
|
||||
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
|
||||
A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user.
|
||||
</description>
|
||||
<references>
|
||||
<reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3208" id="CVE-2011-3208" title="" type="cve" />
|
||||
<reference href="https://rhn.redhat.com/errata/RHSA-2011:1317.html" id="RHSA-2011:1317" title="" type="redhat" />
|
||||
</references>
|
||||
<pkglist>
|
||||
<collection short="amazon-linux">
|
||||
<name>Amazon Linux</name>
|
||||
<package arch="i686" epoch="0" name="cyrus-imapd-debuginfo" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-debuginfo-2.3.16-6.4.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="0" name="cyrus-imapd-utils" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-utils-2.3.16-6.4.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="0" name="cyrus-imapd-devel" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-devel-2.3.16-6.4.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="i686" epoch="0" name="cyrus-imapd" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-2.3.16-6.4.amzn1.i686.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="cyrus-imapd-debuginfo" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-debuginfo-2.3.16-6.4.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="cyrus-imapd-devel" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-devel-2.3.16-6.4.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="cyrus-imapd" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-2.3.16-6.4.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="cyrus-imapd-utils" release="6.4.amzn1" version="2.3.16">
|
||||
<filename>Packages/cyrus-imapd-utils-2.3.16-6.4.amzn1.x86_64.rpm</filename>
|
||||
</package>
|
||||
</collection>
|
||||
</pkglist>
|
||||
</update>
|
||||
</updates>
|
1
ext/vulnsrc/amzn/testdata/amazon_linux_2_description_0.txt
vendored
Normal file
1
ext/vulnsrc/amzn/testdata/amazon_linux_2_description_0.txt
vendored
Normal file
@ -0,0 +1 @@
|
||||
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2017-5754: 1519781: CVE-2017-5754 hw: cpu: speculative execution permission faults handling An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. CVE-2017-5715: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. 1519780: CVE-2017-5715 hw: cpu: speculative execution branch target injection
|
1
ext/vulnsrc/amzn/testdata/amazon_linux_2_description_1.txt
vendored
Normal file
1
ext/vulnsrc/amzn/testdata/amazon_linux_2_description_1.txt
vendored
Normal file
@ -0,0 +1 @@
|
||||
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2017-5715: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. 1519780: CVE-2017-5715 hw: cpu: speculative execution branch target injection
|
104
ext/vulnsrc/amzn/testdata/amazon_linux_2_updateinfo.xml
vendored
Normal file
104
ext/vulnsrc/amzn/testdata/amazon_linux_2_updateinfo.xml
vendored
Normal file
@ -0,0 +1,104 @@
|
||||
<?xml version="1.0" ?>
|
||||
<updates>
|
||||
<update author="linux-security@amazon.com" from="linux-security@amazon.com" status="final" type="security" version="1.4">
|
||||
<id>ALAS2-2018-939</id>
|
||||
<title>Amazon Linux 2 2017.12 - ALAS2-2018-939: critical priority package update for kernel</title>
|
||||
<issued date="2018-01-11 21:05" />
|
||||
<updated date="2018-01-16 01:28" />
|
||||
<severity>critical</severity>
|
||||
<description>
|
||||
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
|
||||
CVE-2017-5754:
|
||||
1519781:
|
||||
CVE-2017-5754 hw: cpu: speculative execution permission faults handling
|
||||
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.
|
||||
|
||||
CVE-2017-5715:
|
||||
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor&#039;s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.
|
||||
1519780:
|
||||
CVE-2017-5715 hw: cpu: speculative execution branch target injection
|
||||
</description>
|
||||
<references>
|
||||
<reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754" id="CVE-2017-5754" title="" type="cve" />
|
||||
<reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715" id="CVE-2017-5715" title="" type="cve" />
|
||||
</references>
|
||||
<pkglist>
|
||||
<collection short="amazon-linux-2">
|
||||
<name>Amazon Linux 2</name>
|
||||
<package arch="x86_64" epoch="0" name="kernel" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-headers" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-headers-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-debuginfo-common-x86_64" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-debuginfo-common-x86_64-4.9.76-38.79.amzn2.x86_64.rpm</filename></package>
|
||||
<package arch="x86_64" epoch="0" name="perf" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/perf-4.9.76-38.79.amzn2.x86_64.rpm</filename></package>
|
||||
<package arch="x86_64" epoch="0" name="perf-debuginfo" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/perf-debuginfo-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="python-perf" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/python-perf-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="python-perf-debuginfo" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/python-perf-debuginfo-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-tools" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-tools-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-tools-devel" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-tools-devel-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-tools-debuginfo" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-tools-debuginfo-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-devel" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-devel-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="0" name="kernel-debuginfo" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-debuginfo-4.9.76-38.79.amzn2.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="noarch" epoch="0" name="kernel-doc" release="38.79.amzn2" version="4.9.76">
|
||||
<filename>Packages/kernel-doc-4.9.76-38.79.amzn2.noarch.rpm</filename>
|
||||
</package>
|
||||
</collection>
|
||||
</pkglist>
|
||||
</update>
|
||||
<update author="linux-security@amazon.com" from="linux-security@amazon.com" status="final" type="security" version="1.4">
|
||||
<id>ALAS2-2018-942</id>
|
||||
<title>Amazon Linux 2 2017.12 - ALAS2-2018-942: important priority package update for qemu-kvm</title>
|
||||
<issued date="2018-02-07 18:49" /><updated date="2018-02-08 21:46" />
|
||||
<severity>important</severity>
|
||||
<description>
|
||||
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
|
||||
CVE-2017-5715:
|
||||
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor&#039;s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.
|
||||
1519780:
|
||||
CVE-2017-5715 hw: cpu: speculative execution branch target injection
|
||||
</description>
|
||||
<references>
|
||||
<reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715" id="CVE-2017-5715" title="" type="cve" />
|
||||
</references>
|
||||
<pkglist>
|
||||
<collection short="amazon-linux-2">
|
||||
<name>Amazon Linux 2</name>
|
||||
<package arch="x86_64" epoch="10" name="qemu-kvm" release="141.amzn2.5.3" version="1.5.3">
|
||||
<filename>Packages/qemu-kvm-1.5.3-141.amzn2.5.3.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="10" name="qemu-img" release="141.amzn2.5.3" version="1.5.3">
|
||||
<filename>Packages/qemu-img-1.5.3-141.amzn2.5.3.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="10" name="qemu-kvm-common" release="141.amzn2.5.3" version="1.5.3">
|
||||
<filename>Packages/qemu-kvm-common-1.5.3-141.amzn2.5.3.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="10" name="qemu-kvm-tools" release="141.amzn2.5.3" version="1.5.3">
|
||||
<filename>Packages/qemu-kvm-tools-1.5.3-141.amzn2.5.3.x86_64.rpm</filename>
|
||||
</package>
|
||||
<package arch="x86_64" epoch="10" name="qemu-kvm-debuginfo" release="141.amzn2.5.3" version="1.5.3">
|
||||
<filename>Packages/qemu-kvm-debuginfo-1.5.3-141.amzn2.5.3.x86_64.rpm</filename>
|
||||
</package>
|
||||
</collection>
|
||||
</pkglist>
|
||||
</update>
|
||||
</updates>
|
38
ext/vulnsrc/amzn/updateinfo.go
Normal file
38
ext/vulnsrc/amzn/updateinfo.go
Normal file
@ -0,0 +1,38 @@
|
||||
// Copyright 2017 clair authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package amzn
|
||||
|
||||
type UpdateInfo struct {
|
||||
ALASList []ALAS `xml:"update"`
|
||||
}
|
||||
|
||||
type ALAS struct {
|
||||
Id string `xml:"id"`
|
||||
Updated Updated `xml:"updated"`
|
||||
Severity string `xml:"severity"`
|
||||
Description string `xml:"description"`
|
||||
Packages []Package `xml:"pkglist>collection>package"`
|
||||
}
|
||||
|
||||
type Updated struct {
|
||||
Date string `xml:"date,attr"`
|
||||
}
|
||||
|
||||
type Package struct {
|
||||
Name string `xml:"name,attr"`
|
||||
Epoch string `xml:"epoch,attr"`
|
||||
Version string `xml:"version,attr"`
|
||||
Release string `xml:"release,attr"`
|
||||
}
|
Loading…
Reference in New Issue
Block a user