diff options
author | Nicolas Graves via Guix-patches via <guix-patches@gnu.org> | 2024-11-24 21:16:19 +0100 |
---|---|---|
committer | Zheng Junjie <z572@z572.online> | 2025-06-23 12:31:09 +0800 |
commit | 229674573cd3d2d2006acec7a6dc0d2a39f987df (patch) | |
tree | f23da2b4a8bf3b914e2ce7b97264c4d1da63f809 /tests/cve.scm | |
parent | f511be7bccdb3e5bbe4faed2829be73ad4e1ee01 (diff) |
cve: Add cpe-vendor and lint-hidden-cpe-vendors properties.
* guix/cve.scm: Exploit cpe vendors information.
(cpe->package-name): Rename to...
(cpe->package-identifier): Renamed from cpe->package-name. Use
cpe_vendor:cpe_name in place or cpe_name.
(vulnerabily-matches?): Add helper function.
(vulnerabilities->lookup-proc): Extract cpe_name for table
hashes. Add vendor and hidden-vendor arguments. Adapt condition to
pass vulnerabilities to result in the fold.
(write-cache, fetch-vulnerabilities): Update the format version.
* guix/lint.scm (package-vulnerabilities): Use additional arguments
from vulnerabilities->lookup-proc.
* tests/cve.scm (%expected-vulnerabilities): Adapt variable to changes
in guix/cve.scm.
Signed-off-by: Zheng Junjie <z572@z572.online>
Diffstat (limited to 'tests/cve.scm')
-rw-r--r-- | tests/cve.scm | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/tests/cve.scm b/tests/cve.scm index b69da0e120..90ada2b647 100644 --- a/tests/cve.scm +++ b/tests/cve.scm @@ -34,19 +34,19 @@ (vulnerability "CVE-2019-0001" ;; Only the "a" CPE configurations are kept; the "o" ;; configurations are discarded. - '(("junos" (or "18.21-s4" (or "18.21-s3" "18.2"))))) + '(("juniper" "junos" (or "18.2" (or "18.21-s3" "18.21-s4"))))) (vulnerability "CVE-2019-0005" - '(("junos" (or "18.11" "18.1")))) + '(("juniper" "junos" (or "18.1" "18.11")))) ;; CVE-2019-0005 has no "a" configurations. (vulnerability "CVE-2019-14811" - '(("ghostscript" (< "9.28")))) + '(("artifex" "ghostscript" (< "9.28")))) (vulnerability "CVE-2019-17365" - '(("nix" (<= "2.3")))) + '(("nixos" "nix" (<= "2.3")))) (vulnerability "CVE-2019-1010180" - '(("gdb" _))) ;any version + '(("gnu" "gdb" _))) ;any version (vulnerability "CVE-2019-1010204" - '(("binutils" (and (>= "2.21") (<= "2.31.1"))) - ("binutils_gold" (and (>= "1.11") (<= "1.16"))))) + '(("gnu" "binutils" (and (>= "2.21") (<= "2.31.1"))) + ("gnu" "binutils_gold" (and (>= "1.11") (<= "1.16"))))) ;; CVE-2019-18192 has no associated configurations. )) |