Add support for Amazon Linux 2022 in Vulnerability Detector

[MarcelKemp]

Component	Install type	Platform
Vulnerability Detector	Manager	Amazon Linux 2022

Description

The aim of this issue is to add native support for vulnerability scans to Amazon Linux 2022.

Amazon Linux 2022 offers its own OVAL feed (ALAS 2022): https://alas.aws.amazon.com/AL2022/alas.rss

We currently support older versions of Amazon Linux (1 and 2). We should incorporate this new OVAL that has just been released.

Configuration

The configuration block for this new distribution will be like the one we have for the previous versions:

<vulnerability-detector>
    ...
    <!-- Amazon Linux OS vulnerabilities -->
    <provider name="alas">
      <enabled>yes</enabled>
      <os>amazon-linux-2022</os>
      <update_interval>1h</update_interval>
    </provider>
    ...
</vulnerability-detector>

Tasks

• AL2022 support: Create Amazon Linux 2022 feed #13196
• AL2022 support: Add, detect and scan Amazon Linux 2022 agents with Vulnerability Detector #13210
• Amazon Linux 2022 support for Vulnerability Detector wazuh-documentation#5099
• Integration tests for Vulnerability Detector: Amazon Linux 2022 support wazuh-qa#2813
• Manual testing - AL2022 support in Vulnerability Detector wazuh-qa#2962
• https://github.com/wazuh/wazuh-jenkins/issues/3466

[MarcelKemp]

We have the following information about the OS:

• os_info:

{"data": {"affected_items": [{"os": {"major": "2022", "name": "Amazon Linux", "platform": "amzn", "version": "2022"}, "scan": {"id": 0, "time": "2022-04-11T16:19:56Z"}, "release": "5.15.25-14.106.amzn2022.x86_64", "hostname": "ip-172-31-11-141.ec2.internal", "version": "#1 SMP Wed Mar 2 19:27:42 UTC 2022", "sysname": "Linux", "architecture": "x86_64", "agent_id": "001"}], "total_affected_items": 1, "total_failed_items": 0, "failed_items": []}

• sys_programs: (Only available since Wazuh v4.4 - Issue: #13114 (fixed by #11571))

AL2022_packages.txt