diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-18 08:39:57 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-18 08:42:48 +0100 |
commit | d8b81d2818b342cbf962a6fb7a7bd45b16505d34 (patch) | |
tree | a6d3a686ab0436a90341a0a8486d185794ad307b /check-external | |
parent | 655fcae98bc3ff8fc797c7fc1d2ce4b9f0417ad5 (diff) |
external-check: Handle vendor prefixed entries
When the source-$VENDOR.html lists contain a vendor prefixed CVE entry
the external check update command will bail out:
[...]
<td>DEBIAN:CVE-2019-1010022</td>
<td>DEBIAN:CVE-2019-1010023</td>
<td>DEBIAN:CVE-2019-1010024</td>
<td>DEBIAN:CVE-2019-1010025</td>
DEBIAN.list contains garbage (see above), aborting
Allow the expression to contain a VENDOR: prefix and strip it out as
well.
Link: https://lists.debian.org/debian-security-tracker/2020/11/msg00014.html
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Diffstat (limited to 'check-external')
-rwxr-xr-x | check-external/update.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/check-external/update.sh b/check-external/update.sh index 8121eadcbd..8ad1660d03 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -58,7 +58,7 @@ check_list cve.list # or as specified at the individual html files or elsewhere on cve.mitre.org's website for vendor in SUSE DEBIAN GENTOO FEDORA REDHAT UBUNTU; do wget -N http://cve.mitre.org/data/refs/refmap/source-$vendor.html - sed -rn '/CVE-[12][0-9]{3}-/{s/^.+>(CVE-[12][0-9]{3}-[0-9]{4,})<.+$/\1/;p}' source-$vendor.html | + sed -rn "/CVE-[12][0-9]{3}-/{s/^.+>($vendor:)?(CVE-[12][0-9]{3}-[0-9]{4,})<.+$/\2/;p}" source-$vendor.html | sort -u > $vendor.list check_list $vendor.list done |