diff --git a/oval/util.go b/oval/util.go index 9ad86384c1..ccd112fdf2 100644 --- a/oval/util.go +++ b/oval/util.go @@ -21,6 +21,7 @@ import ( "encoding/json" "fmt" "net/http" + "regexp" "time" "github.com/cenkalti/backoff" @@ -320,10 +321,16 @@ func lessThan(family, versionRelease string, packB ovalmodels.Package) (bool, er return false, err } return vera.LessThan(verb), nil - case config.RedHat, config.CentOS, config.Oracle, config.SUSEEnterpriseServer: + case config.Oracle, config.SUSEEnterpriseServer: vera := rpmver.NewVersion(versionRelease) verb := rpmver.NewVersion(packB.Version) return vera.LessThan(verb), nil + case config.RedHat, config.CentOS: // TODO: Suport config.Scientific + rea := regexp.MustCompile(`\.[es]l(\d+)(?:_\d+)?(?:\.centos)?`) + reb := regexp.MustCompile(`\.el(\d+)(?:_\d+)?`) + vera := rpmver.NewVersion(rea.ReplaceAllString(versionRelease, ".el$1")) + verb := rpmver.NewVersion(reb.ReplaceAllString(packB.Version, ".el$1")) + return vera.LessThan(verb), nil default: util.Log.Errorf("Not implemented yet: %s", family) } diff --git a/oval/util_test.go b/oval/util_test.go index 1631490c42..e536de6711 100644 --- a/oval/util_test.go +++ b/oval/util_test.go @@ -261,7 +261,7 @@ func TestIsOvalDefAffected(t *testing.T) { // req.isSrcPack == false // Version comparison // oval vs NewVersion - // oval.version < installed.newVersion + // oval.version > installed.newVersion { in: in{ family: "ubuntu", @@ -320,6 +320,618 @@ func TestIsOvalDefAffected(t *testing.T) { affected: true, notFixedYet: false, }, + // RedHat + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.7", + }, + }, + affected: true, + notFixedYet: true, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.8", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.9", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.6", + NewVersionRelease: "0:1.2.3-45.el6_7.7", + }, + }, + affected: true, + notFixedYet: true, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.6", + NewVersionRelease: "0:1.2.3-45.el6_7.8", + }, + }, + affected: true, + notFixedYet: false, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.6", + NewVersionRelease: "0:1.2.3-45.el6_7.9", + }, + }, + affected: true, + notFixedYet: false, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.8", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "redhat", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.8", + }, + }, + affected: false, + notFixedYet: false, + }, + // CentOS + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.centos.7", + }, + }, + affected: true, + notFixedYet: true, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.centos.8", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.centos.9", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.centos.6", + NewVersionRelease: "0:1.2.3-45.el6.centos.7", + }, + }, + affected: true, + notFixedYet: true, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.centos.6", + NewVersionRelease: "0:1.2.3-45.el6.centos.8", + }, + }, + affected: true, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.centos.6", + NewVersionRelease: "0:1.2.3-45.el6.centos.9", + }, + }, + affected: true, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.8", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.8", + }, + }, + affected: false, + notFixedYet: false, + }, + // TODO: If vuls support Scientific, replace "centos" below to "scientific". + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.sl6.7", + }, + }, + affected: true, + notFixedYet: true, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.sl6.8", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.sl6.9", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.sl6.6", + NewVersionRelease: "0:1.2.3-45.sl6.7", + }, + }, + affected: true, + notFixedYet: true, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.sl6.6", + NewVersionRelease: "0:1.2.3-45.sl6.8", + }, + }, + affected: true, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.sl6.6", + NewVersionRelease: "0:1.2.3-45.sl6.9", + }, + }, + affected: true, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6_7.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6.8", + }, + }, + affected: false, + notFixedYet: false, + }, + { + in: in{ + family: "centos", + def: ovalmodels.Definition{ + AffectedPacks: []ovalmodels.Package{ + { + Name: "a", + NotFixedYet: false, + }, + { + Name: "b", + NotFixedYet: false, + Version: "0:1.2.3-45.el6.8", + }, + }, + }, + req: request{ + packName: "b", + isSrcPack: false, + versionRelease: "0:1.2.3-45.el6_7.8", + }, + }, + affected: false, + notFixedYet: false, + }, } for i, tt := range tests { affected, notFixedYet := isOvalDefAffected(tt.in.def, tt.in.family, tt.in.req)