feat(alma): support AlmaLinux (#98)

* feat(alma): support AlmaLinux Errata

* style(alma): change var name

* fix(alma): fix test case

* chore: fix typo

* chore: use pb/v3

* chore: change by review

* style: rename var

* fix(alma): change location of the module field

* feat(alma): more detailed by year

* refactor(alma): do not loop twice

* refactor(alma): use IssuedDate

* refactor(alma): remove magic number

* refactor(alma): use time.UnixMilli
MaineK00n 2021-09-03 07:02:09 +09:00 committed by GitHub
parent b646ca8fb9
commit e081c6e763
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 1313 additions and 3 deletions


@ -87,6 +87,10 @@ jobs:
name: Arch Linux Security Advisory
run: ./vuln-list-update -target arch-linux
- if: always()
name: AlmaLinux Security Advisory
run: ./vuln-list-update -target alma
# Red Hat Security Data API is unstable.
# It should be split into small pieces to reduce the impact of failure.
- if: always()

197
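--- a/alma/alma.go
+++ b/alma/alma.go
@@ -0,0 +1,197 @@
+package alma
+import (
+"encoding/json"
+"fmt"
+"log"
+"os"
+"path/filepath"
+"strconv"
+"strings"
+"time"
+"github.com/aquasecurity/vuln-list-update/utils"
+"github.com/cheggaaa/pb/v3"
+"golang.org/x/xerrors"
+)
+const (
+almaLinuxDir = "alma"
+urlFormat = "https://errata.almalinux.org/%s/errata.json"
+retry = 3
+)
+var (
+AlmaReleaseVersion = []string{"8"}
+)
+type erratum struct {
+ID OID `json:"_id"`
+BsRepoID OID `json:"bs_repo_id"`
+UpdateinfoID string `json:"updateinfo_id"`
+Description string `json:"description"`
+Fromstr string `json:"fromstr"`
+IssuedDate Date `json:"issued_date"`
+Pkglist Pkglist `json:"pkglist"`
+Pushcount string `json:"pushcount"`
+References []Reference `json:"references"`
+Release string `json:"release"`
+Rights string `json:"rights"`
+Severity string `json:"severity"`
+Solution string `json:"solution"`
+Status string `json:"status"`
+Summary string `json:"summary"`
+Title string `json:"title"`
+Type string `json:"type"`
+UpdatedDate Date `json:"updated_date"`
+Version string `json:"version"`
+}
+type OID struct {
+OID string `json:"$oid,omitempty"`
+}
+type Date struct {
+Date int64 `json:"$date"`
+}
+type Pkglist struct {
+Name string `json:"name"`
+Shortname string `json:"shortname"`
+Packages []Package `json:"packages"`
+Module Module `json:"module"`
+}
+type Package struct {
+Name string `json:"name"`
+Version string `json:"version"`
+Release string `json:"release"`
+Epoch string `json:"epoch"`
+Arch string `json:"arch"`
+Src string `json:"src"`
+Filename string `json:"filename"`
+Sum string `json:"sum"`
+SumType interface{} `json:"sum_type"`
+RebootSuggested int `json:"reboot_suggested"`
+}
+type Module struct {
+Stream string `json:"stream,omitempty"`
+Name string `json:"name,omitempty"`
+Version int64 `json:"version,omitempty"`
+Arch string `json:"arch,omitempty"`
+Context string `json:"context,omitempty"`
+}
+type Reference struct {
+Href string `json:"href"`
+Type string `json:"type"`
+ID string `json:"id"`
+Title string `json:"title"`
+}
+type options struct {
+urls map[string]string
+dir string
+retry int
+}
+type option func(*options)
+func WithURLs(urls map[string]string) option {
+return func(opts *options) { opts.urls = urls }
+}
+func WithDir(dir string) option {
+return func(opts *options) { opts.dir = dir }
+}
+func WithRetry(retry int) option {
+return func(opts *options) { opts.retry = retry }
+}
+type Config struct {
+*options
+}
+func NewConfig(opts ...option) Config {
+urls := map[string]string{}
+for _, version := range AlmaReleaseVersion {
+urls[version] = fmt.Sprintf(urlFormat, version)
+}
+o := &options{
+urls: urls,
+dir: utils.VulnListDir(),
+retry: retry,
+}
+for _, opt := range opts {
+opt(o)
+}
+return Config{
+options: o,
+}
+}
+func (c Config) Update() error {
+for version, url := range c.urls {
+log.Printf("Fetching security advisories of AlmaLinux %s ...\n", version)
+if err := c.update(version, url); err != nil {
+return xerrors.Errorf("failed to update security advisories of AlmaLinux %s: %w", version, err)
+}
+}
+return nil
+}
+func (c Config) update(version, url string) error {
+dirPath := filepath.Join(c.dir, almaLinuxDir, version)
+log.Printf("Remove AlmaLinux %s directory %s\n", version, dirPath)
+if err := os.RemoveAll(dirPath); err != nil {
+return xerrors.Errorf("failed to remove AlmaLinux %s directory: %w", version, err)
+}
+if err := os.MkdirAll(dirPath, os.ModePerm); err != nil {
+return xerrors.Errorf("failed to mkdir: %w", err)
+}
+body, err := utils.FetchURL(url, "", c.retry)
+if err != nil {
+return xerrors.Errorf("failed to fetch security advisories from AlmaLinux: %w", err)
+}
+var errata []erratum
+if err := json.Unmarshal(body, &errata); err != nil {
+return xerrors.Errorf("failed to unmarshal json: %w", err)
+}
+secErrata := map[string][]erratum{}
+for _, erratum := range errata {
+if !strings.HasPrefix(erratum.UpdateinfoID, "ALSA-") {
+continue
+}
+y := strconv.Itoa(time.UnixMilli(erratum.IssuedDate.Date).Year())
+secErrata[y] = append(secErrata[y], erratum)
+}
+for year, errata := range secErrata {
+log.Printf("Write Errata for AlmaLinux %s %s\n", version, year)
+if err := os.MkdirAll(filepath.Join(dirPath, year), os.ModePerm); err != nil {
+return xerrors.Errorf("failed to mkdir: %w", err)
+}
+bar := pb.StartNew(len(errata))
+for _, erratum := range errata {
+filepath := filepath.Join(dirPath, year, fmt.Sprintf("%s.json", erratum.UpdateinfoID))
+if err := utils.Write(filepath, erratum); err != nil {
+return xerrors.Errorf("failed to write AlmaLinux CVE details: %w", err)
+}
+bar.Increment()
+}
+bar.Finish()
+}
+return nil
+}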
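Review bot: `erratum.UpdateinfoID` comes straight from the fetched errata JSON and is placed into the output path in `update` after only an `ALSA-` prefix check, so an ID containing a path separator or `..` would make `filepath.Join` resolve outside `dirPath`. Validate it next to the prefix check, for example `if erratum.UpdateinfoID != filepath.Base(erratum.UpdateinfoID) { return xerrors.Errorf("invalid updateinfo_id: %q", erratum.UpdateinfoID) }`, or match it against a strict advisory-ID pattern. Separately, `time.UnixMilli(erratum.IssuedDate.Date).Year()` uses the local time zone, so the year directory can differ between runners; `time.UnixMilli(erratum.IssuedDate.Date).UTC().Year()` makes it deterministic. The inner-loop variable named `filepath` also shadows the package and would read better as `path`.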

83
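--- a/alma/alma_test.go
+++ b/alma/alma_test.go
@@ -0,0 +1,83 @@
+package alma_test
+import (
+"errors"
+"net/http"
+"net/http/httptest"
+"os"
+"path/filepath"
+"testing"
+"github.com/aquasecurity/vuln-list-update/alma"
+"github.com/stretchr/testify/assert"
+"github.com/stretchr/testify/require"
+"golang.org/x/xerrors"
+)
+func TestUpdate(t *testing.T) {
+tests := []struct {
+name string
+version string
+inputJSONFile string
+expectedError error
+}{
+{
+name: "happy path",
+version: "8",
+inputJSONFile: "testdata/errata.json",
+expectedError: nil,
+},
+{
+name: "sad path, invalid release version",
+version: "9",
+inputJSONFile: "",
+expectedError: xerrors.Errorf("failed to update security advisories of AlmaLinux 9: %w", errors.New("failed to fetch security advisories from AlmaLinux")),
+},
+{
+name: "sad path, invalid json",
+version: "8",
+inputJSONFile: "testdata/invalid.json",
+expectedError: xerrors.Errorf("failed to update security advisories of AlmaLinux 8: %w", errors.New("failed to unmarshal json")),
+},
+}
+for _, tt := range tests {
+t.Run(tt.name, func(t *testing.T) {
+ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+if tt.inputJSONFile == "" {
+http.NotFound(w, r)
+return
+}
+http.ServeFile(w, r, tt.inputJSONFile)
+}))
+defer ts.Close()
+dir := t.TempDir()
+ac := alma.NewConfig(alma.WithURLs(map[string]string{tt.version: ts.URL}), alma.WithDir(dir), alma.WithRetry(0))
+if err := ac.Update(); tt.expectedError != nil {
+require.Error(t, err)
+assert.Contains(t, err.Error(), tt.expectedError.Error())
+return
+}
+err := filepath.Walk(dir, func(path string, info os.FileInfo, errfp error) error {
+if info.IsDir() {
+return nil
+}
+dir, file := filepath.Split(path)
+want, err := os.ReadFile(filepath.Join("testdata", "golden", filepath.Base(dir), file))
+assert.NoError(t, err, "failed to open the golden file")
+got, err := os.ReadFile(path)
+assert.NoError(t, err, "failed to open the result file")
+assert.Equal(t, string(want), string(got))
+return nil
+})
+assert.Nil(t, err, "filepath walk error")
+})
+}
+}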
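Review bot: In the happy path the error from `ac.Update()` is never checked, because `if err := ac.Update(); tt.expectedError != nil` scopes `err` to the `if` and only inspects it when an error is expected. If `Update` fails there, nothing is written, `filepath.Walk` finds no files to compare and the test still passes. Assign it first with `err := ac.Update()`, add `require.NoError(t, err)` after the expected-error branch, and change the later declaration to `err = filepath.Walk(...)`. The walk callback also ignores `errfp` and dereferences `info`, which is nil when `errfp` is non-nil, so it should begin with `if errfp != nil { return errfp }`.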

538
alma/testdata/errata.json vendored Normal file

@ -0,0 +1,538 @@
[
{
"_id": { "$oid": "6124ba4438ca2e5c441f5fff" },
"bs_repo_id": { "$oid": "5d9f70c5b456f24391e2644f" },
"updateinfo_id": "ALSA-2021:3253",
"description": "libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. \n\nSecurity Fix(es):\n\n* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"fromstr": "packager@almalinux.org",
"issued_date": { "$date": 1629790196000 },
"pkglist": {
"name": "almalinux-8-for-x86_64-appstream-rpms__8_0_default",
"shortname": "almalinux-8-for-x86_64-appstream-rpms__8_0_default",
"packages": [
{
"name": "libsndfile",
"version": "1.0.28",
"release": "10.el8_4.1",
"epoch": "0",
"arch": "i686",
"src": "libsndfile-1.0.28-10.el8_4.1.src.rpm",
"filename": "libsndfile-1.0.28-10.el8_4.1.i686.rpm",
"sum": "a3f34fa6b1fbcdedc6a71458aad13e977b6daea9e40aea94d723e5cfaefff1a0",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libsndfile",
"version": "1.0.28",
"release": "10.el8_4.1",
"epoch": "0",
"arch": "x86_64",
"src": "libsndfile-1.0.28-10.el8_4.1.src.rpm",
"filename": "libsndfile-1.0.28-10.el8_4.1.x86_64.rpm",
"sum": "c16dcef117a3a396e0040d1e37f9ec3ae46bb3d34dc18b569f43be345832ba25",
"sum_type": "sha256",
"reboot_suggested": 0
}
]
},
"pushcount": "2",
"references": [
{
"href": "https://vulners.com/cve/CVE-2021-3246",
"type": "cve",
"id": "CVE-2021-3246",
"title": "CVE-2021-3246"
}
],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "Important",
"solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for libsndfile is now available for AlmaLinux\n\nAlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Important: libsndfile security update",
"type": "security",
"updated_date": { "$date": 1629804795086 },
"version": "1"
},
{
"_id": { "$oid": "611fbbe338ca2e5c44c71fad" },
"bs_repo_id": { "$oid": "5d9f70c5b456f24391e2644f" },
"updateinfo_id": "ALBA-2021:3240",
"description": ".NET Core is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation.\n\nBug Fix(es) and Enhancement(s):\n\n* BUG_TITLE (BZ#XYZ)",
"fromstr": "packager@almalinux.org",
"issued_date": { "$date": 1629443779000 },
"pkglist": {
"name": "almalinux-8-for-x86_64-appstream-rpms__8_0_default",
"shortname": "almalinux-8-for-x86_64-appstream-rpms__8_0_default",
"packages": [
{
"name": "dotnet-host-fxr-2.1",
"version": "2.1.30",
"release": "1.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "dotnet-2.1.526-1.el8_4.src.rpm",
"filename": "dotnet-host-fxr-2.1-2.1.30-1.el8_4.x86_64.rpm",
"sum": "d42efa3d5c3ebf834124b755d93b035961aa97023b9059e9f6d532494506ae7e",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "dotnet-runtime-2.1",
"version": "2.1.30",
"release": "1.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "dotnet-2.1.526-1.el8_4.src.rpm",
"filename": "dotnet-runtime-2.1-2.1.30-1.el8_4.x86_64.rpm",
"sum": "7e37bc933d5dbbac91e0289d516505483d76f1c91365a47da72eeff9e5332119",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "dotnet-sdk-2.1",
"version": "2.1.526",
"release": "1.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "dotnet-2.1.526-1.el8_4.src.rpm",
"filename": "dotnet-sdk-2.1-2.1.526-1.el8_4.x86_64.rpm",
"sum": "9a470ce88166e121ca0a2b9622c07152fe92a27998417dfd57bee0d9f8982754",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "dotnet-sdk-2.1.5xx",
"version": "2.1.526",
"release": "1.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "dotnet-2.1.526-1.el8_4.src.rpm",
"filename": "dotnet-sdk-2.1.5xx-2.1.526-1.el8_4.x86_64.rpm",
"sum": "751e58a2eee6ad6adc4805d5a9bb4df903296f968d03546038ebaff3eb37d829",
"sum_type": "sha256",
"reboot_suggested": 0
}
]
},
"pushcount": "3",
"references": [],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "None",
"solution": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for .NET Core 2.1 is now available for AlmaLinux.",
"title": ".NET Core 2.1 bugfix update",
"type": "bugfix",
"updated_date": { "$date": 1629727435019 },
"version": "1"
},
{
"_id": { "$oid": "611a6fa438ca2e5c441e0809" },
"bs_repo_id": { "$oid": "5d9f70f5b456f24391e285fe" },
"updateinfo_id": "ALSA-2021:3152",
"description": "Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats.\n\nSecurity Fix(es):\n\n* exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"fromstr": "packager@almalinux.org",
"issued_date": { "$date": 1629104881000 },
"pkglist": {
"name": "codeready-builder-for-rhel-8-x86_64-rpms__8_0_default",
"shortname": "codeready-builder-for-rhel-8-x86_64-rpms__8_0_default",
"packages": [
{
"name": "exiv2-devel",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-devel-0.27.3-3.el8_4.x86_64.rpm",
"sum": "87d2931076533b41afc31151df18caa4cf8664dae701fa0119231af92ee82eb6",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "exiv2-doc",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "noarch",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-doc-0.27.3-3.el8_4.noarch.rpm",
"sum": "16aba0a97d57c60bc3109fdcb9497e42372be57667f6ad060e146b9a69f1d2c7",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "exiv2",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-0.27.3-3.el8_4.x86_64.rpm",
"sum": "e2a961e6cc7a03eeb045124832df07e42dc4e951efd4bbda14e31df749746db5",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "exiv2-libs",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-libs-0.27.3-3.el8_4.x86_64.rpm",
"sum": "2edf875e3931f4f78b686a5e63f6d6f96a7e508e90fc20cde38989579c200eeb",
"sum_type": "sha256",
"reboot_suggested": 0
}
]
},
"pushcount": "3",
"references": [
{
"href": "https://vulners.com/cve/CVE-2021-31291",
"type": "cve",
"id": "CVE-2021-31291",
"title": "CVE-2021-31291"
}
],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "Important",
"solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for exiv2 is now available for AlmaLinux\n\nAlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Important: exiv2 security update",
"type": "security",
"updated_date": { "$date": 1629304379060 },
"version": "1"
},
{
"_id": {
"$oid": "60c0a7e038ca2e5c4497c3d3"
},
"bs_repo_id": {
"$oid": "5d9f70c5b456f24391e2644f"
},
"updateinfo_id": "ALSA-2020:0279",
"description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"fromstr": "packager@almalinux.org",
"issued_date": {
"$date": 1580305374000
},
"pkglist": {
"name": "almalinux-8-for-x86_64-appstream-rpms__8_1_virt",
"shortname": "almalinux-8-for-x86_64-appstream-rpms__8_1_virt",
"packages": [
{
"name": "libiscsi",
"version": "1.18.0",
"release": "8.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "86d271c69cabe62216c25e9dc8479bbcf18080903959b69e350edbba7d00e387",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libiscsi-devel",
"version": "1.18.0",
"release": "8.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "libiscsi-devel-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "123546b4ba750ae5e88030dc1bad55dde946d8a6e9bef011b4c33743a29aa581",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libiscsi-utils",
"version": "1.18.0",
"release": "8.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "libiscsi-utils-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "9761e9d62c57d356610daed17b00388511b07030c6802c9a24270294badf12b2",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "netcf",
"version": "0.2.8",
"release": "12.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "dc6d26fd1e5412aba3c2df9bfd373edc56de4f2291f92b56612f20d04127f9ac",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "netcf-devel",
"version": "0.2.8",
"release": "12.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "netcf-devel-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "d4f372bcb811bd1e437f8c77715412075b3f318a28e134b91694e3b1e7377d55",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "netcf-libs",
"version": "0.2.8",
"release": "12.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "netcf-libs-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "3d88aea503e3470634655b6cec7dd9e31c3dd2f82f0aa1012c1cc5be47bacb3f",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "sgabios",
"version": "0.20170427git",
"release": "3.module_el8.4.0+2523+3300d70f",
"epoch": "1",
"arch": "x86_64",
"src": "sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "acdc68c873b0fffdaf991e78ee6f06619d0898aac0228b404ffda8f4df7410da",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "sgabios-bin",
"version": "0.20170427git",
"release": "3.module_el8.4.0+2523+3300d70f",
"epoch": "1",
"arch": "noarch",
"src": "sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "sgabios-bin-0.20170427git-3.module_el8.4.0+2523+3300d70f.noarch.rpm",
"sum": "1e4026180606e1e9d3c097e15eaf5be82ff6be1c8db0568827d73ca60ec93631",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "libiscsi",
"epoch": "0",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "b0ecad61d692057eaa21ceea8c62440ca78ff245ecfaf99245c3a98a79b6d93e",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "libiscsi-devel",
"epoch": "0",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "libiscsi-devel-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "77f25889b727c8cee2afb84f3550dda671068ae6f7524831d14726125d5a5ca9",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "libiscsi-utils",
"epoch": "0",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "libiscsi-utils-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "d96101b792d724177a04744368e6d421e7b1b362703125ff346b5d179b2a8fec",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "netcf",
"epoch": "0",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "67bae2c1bcfbcba4eac7b5f3cb820293a7f9061ef6585302212b8818fe9c6048",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "netcf-devel",
"epoch": "0",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "netcf-devel-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "00b3ab838dde88f8ae69e9689b09f352944cc93203698be035e8be9da1e9795c",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "netcf-libs",
"epoch": "0",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "netcf-libs-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "4f9121d6b4d1cc84c1d551da8cb25a27608abb4a58f38beaa6edf3a927d76792",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "sgabios",
"epoch": "1",
"version": "0.20170427git",
"release": "3.module_el8.3.0+2048+e7a0a3ea",
"arch": "x86_64",
"filename": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "1304be859f8a674c16e466cd4c3e093849be38fe3accca0389dee3b35f848431",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "sgabios-bin",
"epoch": "1",
"version": "0.20170427git",
"release": "3.module_el8.3.0+2048+e7a0a3ea",
"arch": "noarch",
"filename": "sgabios-bin-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.noarch.rpm",
"sum": "4b902dedf60f95f4ad616c2ec5fba18092e0b661ca07d86f3a05c59df70e8ce9",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "libiscsi",
"epoch": "0",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "f3d7ca410a042583a92c168682347a9ef0fc92bfa1c1ab07736019dafe68533b",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "libiscsi-devel",
"epoch": "0",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "libiscsi-devel-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "6354d76fcb3f9b45659f5abe06ec2f3a59420619b66d3967949d93b3a76a49f7",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "libiscsi-utils",
"epoch": "0",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "libiscsi-utils-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "1b48736426106336aecd3b251329dca6eb67d703a3a906c30576599a9680019b",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "netcf",
"epoch": "0",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "a1fedfd353c9753eb41616cfa441b34fbcc8da5d0926a40212761a5476a8a77f",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "netcf-devel",
"epoch": "0",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "netcf-devel-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "2382e8ade6974ff73d169757ba744f1688d25130570f61eb6ecbeddec08a7dab",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "netcf-libs",
"epoch": "0",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "netcf-libs-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "eb138f7be869d051491087b5952d125d192a791e8e30ba220ede3ea10cb170c5",
"sum_type": 5,
"reboot_suggested": 0
},
{
"src": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"name": "sgabios",
"epoch": "1",
"version": "0.20170427git",
"release": "3.module_el8.3.0+2048+e7a0a3ea",
"arch": "i686",
"filename": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "ae762fce191d248de990f617397e2461da48486d4fedc6dc264feaa9cc05c721",
"sum_type": 5,
"reboot_suggested": 0
}
],
"module": {
"stream": "rhel",
"name": "virt",
"version": 8040020210811063000,
"arch": "x86_64",
"context": "522a0ee4"
}
},
"pushcount": "3",
"references": [
{
"href": "https://vulners.com/cve/CVE-2019-11135",
"type": "cve",
"id": "CVE-2019-11135",
"title": "CVE-2019-11135"
}
],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "Moderate",
"solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for the virt:rhel and virt-devel:rhel modules is now available for AlmaLinux\n\nAlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Moderate: virt:rhel security update",
"type": "security",
"updated_date": {
"$date": 1580305374000
},
"version": "1"
}
]


@ -0,0 +1,324 @@
{
"_id": {
"$oid": "60c0a7e038ca2e5c4497c3d3"
},
"bs_repo_id": {
"$oid": "5d9f70c5b456f24391e2644f"
},
"updateinfo_id": "ALSA-2020:0279",
"description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"fromstr": "packager@almalinux.org",
"issued_date": {
"$date": 1580305374000
},
"pkglist": {
"name": "almalinux-8-for-x86_64-appstream-rpms__8_1_virt",
"shortname": "almalinux-8-for-x86_64-appstream-rpms__8_1_virt",
"packages": [
{
"name": "libiscsi",
"version": "1.18.0",
"release": "8.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "86d271c69cabe62216c25e9dc8479bbcf18080903959b69e350edbba7d00e387",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libiscsi-devel",
"version": "1.18.0",
"release": "8.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "libiscsi-devel-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "123546b4ba750ae5e88030dc1bad55dde946d8a6e9bef011b4c33743a29aa581",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libiscsi-utils",
"version": "1.18.0",
"release": "8.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "libiscsi-utils-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "9761e9d62c57d356610daed17b00388511b07030c6802c9a24270294badf12b2",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "netcf",
"version": "0.2.8",
"release": "12.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "dc6d26fd1e5412aba3c2df9bfd373edc56de4f2291f92b56612f20d04127f9ac",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "netcf-devel",
"version": "0.2.8",
"release": "12.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "netcf-devel-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "d4f372bcb811bd1e437f8c77715412075b3f318a28e134b91694e3b1e7377d55",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "netcf-libs",
"version": "0.2.8",
"release": "12.module_el8.4.0+2523+3300d70f",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "netcf-libs-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "3d88aea503e3470634655b6cec7dd9e31c3dd2f82f0aa1012c1cc5be47bacb3f",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "sgabios",
"version": "0.20170427git",
"release": "3.module_el8.4.0+2523+3300d70f",
"epoch": "1",
"arch": "x86_64",
"src": "sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.x86_64.rpm",
"sum": "acdc68c873b0fffdaf991e78ee6f06619d0898aac0228b404ffda8f4df7410da",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "sgabios-bin",
"version": "0.20170427git",
"release": "3.module_el8.4.0+2523+3300d70f",
"epoch": "1",
"arch": "noarch",
"src": "sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.src.rpm",
"filename": "sgabios-bin-0.20170427git-3.module_el8.4.0+2523+3300d70f.noarch.rpm",
"sum": "1e4026180606e1e9d3c097e15eaf5be82ff6be1c8db0568827d73ca60ec93631",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libiscsi",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "b0ecad61d692057eaa21ceea8c62440ca78ff245ecfaf99245c3a98a79b6d93e",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "libiscsi-devel",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "libiscsi-devel-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "77f25889b727c8cee2afb84f3550dda671068ae6f7524831d14726125d5a5ca9",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "libiscsi-utils",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "x86_64",
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "libiscsi-utils-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "d96101b792d724177a04744368e6d421e7b1b362703125ff346b5d179b2a8fec",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "netcf",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "67bae2c1bcfbcba4eac7b5f3cb820293a7f9061ef6585302212b8818fe9c6048",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "netcf-devel",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "netcf-devel-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "00b3ab838dde88f8ae69e9689b09f352944cc93203698be035e8be9da1e9795c",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "netcf-libs",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "x86_64",
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "netcf-libs-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "4f9121d6b4d1cc84c1d551da8cb25a27608abb4a58f38beaa6edf3a927d76792",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "sgabios",
"version": "0.20170427git",
"release": "3.module_el8.3.0+2048+e7a0a3ea",
"epoch": "1",
"arch": "x86_64",
"src": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.x86_64.rpm",
"sum": "1304be859f8a674c16e466cd4c3e093849be38fe3accca0389dee3b35f848431",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "sgabios-bin",
"version": "0.20170427git",
"release": "3.module_el8.3.0+2048+e7a0a3ea",
"epoch": "1",
"arch": "noarch",
"src": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "sgabios-bin-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.noarch.rpm",
"sum": "4b902dedf60f95f4ad616c2ec5fba18092e0b661ca07d86f3a05c59df70e8ce9",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "libiscsi",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "i686",
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "f3d7ca410a042583a92c168682347a9ef0fc92bfa1c1ab07736019dafe68533b",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "libiscsi-devel",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "i686",
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "libiscsi-devel-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "6354d76fcb3f9b45659f5abe06ec2f3a59420619b66d3967949d93b3a76a49f7",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "libiscsi-utils",
"version": "1.18.0",
"release": "8.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "i686",
"src": "libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "libiscsi-utils-1.18.0-8.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "1b48736426106336aecd3b251329dca6eb67d703a3a906c30576599a9680019b",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "netcf",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "i686",
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "a1fedfd353c9753eb41616cfa441b34fbcc8da5d0926a40212761a5476a8a77f",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "netcf-devel",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "i686",
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "netcf-devel-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "2382e8ade6974ff73d169757ba744f1688d25130570f61eb6ecbeddec08a7dab",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "netcf-libs",
"version": "0.2.8",
"release": "12.module_el8.3.0+2048+e7a0a3ea",
"epoch": "0",
"arch": "i686",
"src": "netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "netcf-libs-0.2.8-12.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "eb138f7be869d051491087b5952d125d192a791e8e30ba220ede3ea10cb170c5",
"sum_type": 5,
"reboot_suggested": 0
},
{
"name": "sgabios",
"version": "0.20170427git",
"release": "3.module_el8.3.0+2048+e7a0a3ea",
"epoch": "1",
"arch": "i686",
"src": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.src.rpm",
"filename": "sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea.i686.rpm",
"sum": "ae762fce191d248de990f617397e2461da48486d4fedc6dc264feaa9cc05c721",
"sum_type": 5,
"reboot_suggested": 0
}
],
"module": {
"stream": "rhel",
"name": "virt",
"version": 8040020210811063000,
"arch": "x86_64",
"context": "522a0ee4"
}
},
"pushcount": "3",
"references": [
{
"href": "https://vulners.com/cve/CVE-2019-11135",
"type": "cve",
"id": "CVE-2019-11135",
"title": "CVE-2019-11135"
}
],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "Moderate",
"solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for the virt:rhel and virt-devel:rhel modules is now available for AlmaLinux\n\nAlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Moderate: virt:rhel security update",
"type": "security",
"updated_date": {
"$date": 1580305374000
},
"version": "1"
}


@ -0,0 +1,90 @@
{
"_id": {
"$oid": "611a6fa438ca2e5c441e0809"
},
"bs_repo_id": {
"$oid": "5d9f70f5b456f24391e285fe"
},
"updateinfo_id": "ALSA-2021:3152",
"description": "Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats.\n\nSecurity Fix(es):\n\n* exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"fromstr": "packager@almalinux.org",
"issued_date": {
"$date": 1629104881000
},
"pkglist": {
"name": "codeready-builder-for-rhel-8-x86_64-rpms__8_0_default",
"shortname": "codeready-builder-for-rhel-8-x86_64-rpms__8_0_default",
"packages": [
{
"name": "exiv2-devel",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-devel-0.27.3-3.el8_4.x86_64.rpm",
"sum": "87d2931076533b41afc31151df18caa4cf8664dae701fa0119231af92ee82eb6",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "exiv2-doc",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "noarch",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-doc-0.27.3-3.el8_4.noarch.rpm",
"sum": "16aba0a97d57c60bc3109fdcb9497e42372be57667f6ad060e146b9a69f1d2c7",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "exiv2",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-0.27.3-3.el8_4.x86_64.rpm",
"sum": "e2a961e6cc7a03eeb045124832df07e42dc4e951efd4bbda14e31df749746db5",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "exiv2-libs",
"version": "0.27.3",
"release": "3.el8_4",
"epoch": "0",
"arch": "x86_64",
"src": "exiv2-0.27.3-3.el8_4.src.rpm",
"filename": "exiv2-libs-0.27.3-3.el8_4.x86_64.rpm",
"sum": "2edf875e3931f4f78b686a5e63f6d6f96a7e508e90fc20cde38989579c200eeb",
"sum_type": "sha256",
"reboot_suggested": 0
}
],
"module": {}
},
"pushcount": "3",
"references": [
{
"href": "https://vulners.com/cve/CVE-2021-31291",
"type": "cve",
"id": "CVE-2021-31291",
"title": "CVE-2021-31291"
}
],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "Important",
"solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for exiv2 is now available for AlmaLinux\n\nAlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Important: exiv2 security update",
"type": "security",
"updated_date": {
"$date": 1629304379060
},
"version": "1"
}


@ -0,0 +1,66 @@
{
"_id": {
"$oid": "6124ba4438ca2e5c441f5fff"
},
"bs_repo_id": {
"$oid": "5d9f70c5b456f24391e2644f"
},
"updateinfo_id": "ALSA-2021:3253",
"description": "libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. \n\nSecurity Fix(es):\n\n* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"fromstr": "packager@almalinux.org",
"issued_date": {
"$date": 1629790196000
},
"pkglist": {
"name": "almalinux-8-for-x86_64-appstream-rpms__8_0_default",
"shortname": "almalinux-8-for-x86_64-appstream-rpms__8_0_default",
"packages": [
{
"name": "libsndfile",
"version": "1.0.28",
"release": "10.el8_4.1",
"epoch": "0",
"arch": "i686",
"src": "libsndfile-1.0.28-10.el8_4.1.src.rpm",
"filename": "libsndfile-1.0.28-10.el8_4.1.i686.rpm",
"sum": "a3f34fa6b1fbcdedc6a71458aad13e977b6daea9e40aea94d723e5cfaefff1a0",
"sum_type": "sha256",
"reboot_suggested": 0
},
{
"name": "libsndfile",
"version": "1.0.28",
"release": "10.el8_4.1",
"epoch": "0",
"arch": "x86_64",
"src": "libsndfile-1.0.28-10.el8_4.1.src.rpm",
"filename": "libsndfile-1.0.28-10.el8_4.1.x86_64.rpm",
"sum": "c16dcef117a3a396e0040d1e37f9ec3ae46bb3d34dc18b569f43be345832ba25",
"sum_type": "sha256",
"reboot_suggested": 0
}
],
"module": {}
},
"pushcount": "2",
"references": [
{
"href": "https://vulners.com/cve/CVE-2021-3246",
"type": "cve",
"id": "CVE-2021-3246",
"title": "CVE-2021-3246"
}
],
"release": "0",
"rights": "Copyright 2021 AlmaLinux OS",
"severity": "Important",
"solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"status": "final",
"summary": "An update for libsndfile is now available for AlmaLinux\n\nAlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Important: libsndfile security update",
"type": "security",
"updated_date": {
"$date": 1629804795086
},
"version": "1"
}

1
alma/testdata/invalid.json vendored Normal file

@ -0,0 +1 @@
invalid json


@ -92,7 +92,7 @@ func (al ArchLinux) Update() error {
for _, asg := range asgs {
filePath := filepath.Join(al.dir, fmt.Sprintf("%s.json", asg.Name))
if err = utils.Write(filePath, asg); err != nil {
return xerrors.Errorf("failed to write Debian CVE details: %w", err)
return xerrors.Errorf("failed to write Arch Linux CVE details: %w", err)
}
bar.Increment()
}
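Review bot: `filePath` in this loop is built from `asg.Name` via `filepath.Join(al.dir, fmt.Sprintf("%s.json", asg.Name))`, and nothing in the hunk checks that the name is a plain file name. The corrected error message is fine, but if `asg.Name` comes from the fetched tracker data (its origin is outside this hunk), a value containing a path separator would make `utils.Write` target a path outside `al.dir`. A guard before the join would close that, e.g. `if asg.Name != filepath.Base(asg.Name) { return xerrors.Errorf("unexpected advisory name %q", asg.Name) }`. Update() starts before and ends after the hunk, so confirm whether an earlier validation step already exists.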

11
main.go

@ -14,6 +14,7 @@ import (
"golang.org/x/oauth2"
"golang.org/x/xerrors"
"github.com/aquasecurity/vuln-list-update/alma"
"github.com/aquasecurity/vuln-list-update/alpine"
"github.com/aquasecurity/vuln-list-update/amazon"
arch_linux "github.com/aquasecurity/vuln-list-update/arch"
@ -41,7 +42,7 @@ const (
var (
target = flag.String("target", "", "update target (nvd, alpine, redhat, redhat-oval, "+
"debian, debian-oval, ubuntu, amazon, oracle-oval, suse-cvrf, photon, arch-linux, ghsa, glad, cwe)")
"debian, debian-oval, ubuntu, amazon, oracle-oval, suse-cvrf, photon, arch-linux, alma, ghsa, glad, cwe)")
years = flag.String("years", "", "update years (only redhat)")
)
@ -182,9 +183,15 @@ func run() error {
case "arch-linux":
al := arch_linux.NewArchLinux()
if err := al.Update(); err != nil {
return xerrors.Errorf("error in CWE update: %w", err)
return xerrors.Errorf("error in Arch Linux update: %w", err)
}
commitMsg = "Arch Linux Security Tracker"
case "alma":
ac := alma.NewConfig()
if err := ac.Update(); err != nil {
return xerrors.Errorf("error in AlmaLinux update: %w", err)
}
commitMsg = "AlmaLinux Security Advisory"
default:
return xerrors.New("unknown target")
}
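Review bot: The new `case "alma"` branch in the last hunk repeats the hand-written wrap message pattern that this same hunk had to correct in the `arch-linux` branch, which said "error in CWE update". The next copied case can mislabel a failed feed update in the same way. Deriving the label from the flag avoids that, e.g. `return xerrors.Errorf("error in %s update: %w", *target, err)`, assuming the switch keys on `*target`, which is declared in the second hunk. In an advisory pipeline a mislabelled failure points whoever triages it at the wrong feed. run() starts and ends outside the hunk, so whether other cases carry stale labels is not visible here.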