diff --git a/cve_bin_tool/checkers/__init__.py b/cve_bin_tool/checkers/__init__.py index 74651e89d3..673fddb690 100644 --- a/cve_bin_tool/checkers/__init__.py +++ b/cve_bin_tool/checkers/__init__.py @@ -1,22 +1,21 @@ """ CVE Checkers """ __all__ = [ + "bluez", "curl", - "node", - "xml2", "expat", - "openssl", - "tiff", - "zlib", + "icu", + "kerberos", + "libgcrypt", + "libjpeg", "libnss", + "node", + "openssh", + "openssl", "png", - "xerces", - "libjpeg", - "xerces", - "libgcrypt", - "systemd", "sqlite", - "kerberos", - "icu", - "openssh", - "bluez", + "systemd", + "tiff", + "xerces", + "xml2", + "zlib", ] diff --git a/cve_bin_tool/checkers/openssh.py b/cve_bin_tool/checkers/openssh.py index 37449e47d3..295e2db6cc 100644 --- a/cve_bin_tool/checkers/openssh.py +++ b/cve_bin_tool/checkers/openssh.py @@ -10,11 +10,12 @@ import sys, re + def get_version(lines, filename): """ Get the version and return it for OpenSSH server or client - VPkg: openssh + VPkg: openbsd, openssh """ regex = re.compile("OpenSSH_([0-9]+\.[0-9]+[0-9a-z\s]*)") version_info = dict() @@ -23,11 +24,21 @@ def get_version(lines, filename): for l in lines: if regex.match(l): version_info["version"] = regex.match(l).groups()[0] - break # The binary seems to contain many version strings and the - #first one matches the binary in question - - if filename in ["scp", "sftp", "ssh", "ssh-add", "ssh-agent", "ssh-argv0", \ - "ssh-copy-id", "ssh-keygen", "ssh-keyscan", "slogin"]: + break # The binary seems to contain many version strings and the + # first one matches the binary in question + + if filename in [ + "scp", + "sftp", + "ssh", + "ssh-add", + "ssh-agent", + "ssh-argv0", + "ssh-copy-id", + "ssh-keygen", + "ssh-keyscan", + "slogin", + ]: version_info["is_or_contains"] = "is" version_info["modulename"] = "openssh-client" elif filename in ["sshd"]: