/
debian_pkg_CVE
executable file
·96 lines (83 loc) · 2.95 KB
/
debian_pkg_CVE
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#!/usr/bin/python3.7
import json
import os
import sys
f=open(sys.argv[1],"r")
cvestr=json.load(f)
# print(cvestr)
# print(cvestr.keys())
f.close()
resList =[]
for i in cvestr:
# print(i,"-->",cvestr[i])
pkg= i #包名
if pkg == 'linux':
continue
# print('pkg:',i)
# print(cvestr[i].keys()) #此包所有cveid
# 清空值
cve_description = 'null'
buster_pkg_version= 'null'
buster_status= 'null'
fixed_version= 'null'
sid_pkg_version= 'null'
sid_status= 'null'
sid_fixed_version= 'null'
buster_urgency = 'null'
for j in cvestr[i]:
cveid = j #CVE号
#print('CVEid:',j)
# print(cvestr[i][j]) #此包所有cveid的详细信息
if 'description' in cvestr[i][j]:
cve_description=cvestr[i][j]['description']
cve_description=cve_description.replace("'","\"") #将所有 ' 换成 "
else:
cve_description='null'
#print("description:",cve_description)#cve描述
if 'buster' in cvestr[i][j]['releases']:
# print(cvestr[i][j]['releases']['buster']['repositories'])
buster_status = cvestr[i][j]['releases']['buster']['status'] #CVE处理状态
#print('CVE在buster处理状态:',buster_status)
if 'urgency' in cvestr[i][j]['releases']['buster']:
buster_urgency = cvestr[i][j]['releases']['buster']['urgency'] #buster上的紧急程度
else:
buster_urgency = 'null'
buster_pkg_version = cvestr[i][j]['releases']['buster']['repositories']['buster'] #pkg在buster的版本
#print(i,"的buster版本:",buster_pkg_version)
if 'fixed_version' in cvestr[i][j]['releases']['buster']:
fixed_version = cvestr[i][j]['releases']['buster']['fixed_version'] #修复版本
else:
fixed_version = 'null'
else:
continue
if 'sid' in cvestr[i][j]['releases']:
sid_status = cvestr[i][j]['releases']['sid']['status']
sid_pkg_version = cvestr[i][j]['releases']['sid']['repositories']['sid']
if 'fixed_version' in cvestr[i][j]['releases']['sid']:
sid_fixed_version = cvestr[i][j]['releases']['sid']['fixed_version'] #修复版本
else:
sid_fixed_version = 'null'
# else:
# buster_status = 'null'
# buster_pkg_version = 'null'
# fixed_version = 'null'
#转数据库
# sql="INSERT INTO `cve_list` VALUES('{}','{}','{}','{}','{}','{}','{}');\n".format(i,j,cve_description,buster_status,buster_urgency,buster_pkg_version,fixed_version)
#print(sql)
#转化成json格式
cveinfo = {}
cveinfo["cve"] = j
cveinfo["package"] = i
cveinfo["cve_description"] = cve_description
cveinfo["debian_buster_version"] = buster_pkg_version
cveinfo["debian_buster_status"] = buster_status #open resolved
cveinfo["upstream_fixed_version"] = fixed_version
cveinfo["debian_sid_version"] = sid_pkg_version
cveinfo["debian_sid_status"] = sid_status #open resolved
cveinfo["upstream_sid_fixed_version"] = sid_fixed_version
#cveinfo["urgency"] = buster_urgency
resList.append(cveinfo)
json_info = json.dumps(resList)
out_file=open("./transit/debianCVE.json","w")
out_file.write(json_info)
out_file.close()