diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-04-10 11:30:38 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-04-10 11:30:38 +0200 |
commit | b8e7bfe87c30f1e2c240955c488e5f40978f8741 (patch) | |
tree | e088b8cd42ca139f0b7e67ea1a463cb23ea58a0a | |
parent | 4577bd1fb5a89bbcad08583520d0423e8225651e (diff) |
external-check: Handle vendor entries with additional vendor security prefix
Additionally to the vendored entries addressed in d8b81d2818b3
("external-check: Handle vendor prefixed entries") some entries might be
of the form "UBUNTU:Ubuntu security $CVE", and the external check update
will bail out as:
[...]
<td>UBUNTU:Ubuntu Security CVE-2020-11935</td>
UBUNTU.list contains garbage (see above), aborting
Allow the expression to contain additionall an additional text beweend
the vendor prefix and the CVE. Maybe we should simply match anything
beween a opening HTML tag, the CVE and a closing tag, filtering out the
CVE as better solution.
The idea behind this change is to really poinpoint any vendor entry in
the respective source-$vendor.html list.
Link: https://lists.debian.org/debian-security-tracker/2023/04/msg00003.html
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
-rwxr-xr-x | check-external/update.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/check-external/update.sh b/check-external/update.sh index 8ad1660d03..4025728e2c 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -58,7 +58,7 @@ check_list cve.list # or as specified at the individual html files or elsewhere on cve.mitre.org's website for vendor in SUSE DEBIAN GENTOO FEDORA REDHAT UBUNTU; do wget -N http://cve.mitre.org/data/refs/refmap/source-$vendor.html - sed -rn "/CVE-[12][0-9]{3}-/{s/^.+>($vendor:)?(CVE-[12][0-9]{3}-[0-9]{4,})<.+$/\2/;p}" source-$vendor.html | + sed -rn "/CVE-[12][0-9]{3}-/{s/^.+>($vendor:)?($vendor Security )?(CVE-[12][0-9]{3}-[0-9]{4,})<.+$/\3/i;p}" source-$vendor.html | sort -u > $vendor.list check_list $vendor.list done |