search

CESNET / pakiti-server

Pakiti provides a monitoring mechanism to check the patching status of Linux systems.
BSD 2-Clause "Simplified" License
49 stars 35 forks source link

Install fails - RedHat OVAL v1 deprecated #193

Closed benjamindonnachie closed 3 months ago

benjamindonnachie commented 4 months ago

Last year RedHat switched off v1 of their OVAL (See https://access.redhat.com/OVAL_v1_deprecation_announcement). As a result, I'm unable to set up a new pakiti install as downloads of the vuln definitions fail.

Are there plans to update Pakiti to OVAL v2?

(I'll update with screenshots / error messages shortly)

benjamindonnachie commented 4 months ago 
$php server-bootstrap.php
Added vulnerability descriptions for RHEL 6.
Added vulnerability descriptions for RHEL 7.
Added vulnerability descriptions for RHEL 8.
Added vulnerability descriptions for Debian Security.
Added vulnerability descriptions for Debian LTS Security.
Downloading all vulnerability definitions (be patient) ...PHP Warning:  file_get_contents(https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL6.xml): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found
 in /home/bd315/pakiti-server/src/common/Utils.php on line 145
Pakiti: () Wed, 24 Apr 24 11:05:45 +0100: Error reading definitions for %s: %s
PHP Warning:  file_get_contents(https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found
 in /home/bd315/pakiti-server/src/common/Utils.php on line 145
Pakiti: () Wed, 24 Apr 24 11:05:46 +0100: Error reading definitions for %s: %s
PHP Warning:  file_get_contents(https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL8.xml): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found
 in /home/bd315/pakiti-server/src/common/Utils.php on line 145
Pakiti: () Wed, 24 Apr 24 11:05:46 +0100: Error reading definitions for %s: %s
PHP Fatal error:  Uncaught Exception: Error reading Debian Source indices: Unknown mimetype application/gzip in /home/bd315/pakiti-server/src/modules/vds/sources/CveSubSources/Debian.php:119
Stack trace:
#0 /home/bd315/pakiti-server/src/modules/vds/sources/CveSubSources/Debian.php(129): Debian->update_package_mapping()
#1 /home/bd315/pakiti-server/src/modules/vds/sources/CveSubSources/Debian.php(251): Debian->add_resolved_packages()
#2 /home/bd315/pakiti-server/src/modules/vds/lib/SubSource.php(223): Debian->processAdvisories()
#3 /home/bd315/pakiti-server/src/modules/vds/sources/CveSource.php(47): SubSource->retrieveVulnerabilities()
#4 /home/bd315/pakiti-server/src/modules/vds/VdsModule.php(30): CveSource->retrieveVulnerabilities()
#5 /home/bd315/pakiti-server/install/server-bootstrap.php(85): VdsModule->synchronize()
#6 {main}
  thrown in /home/bd315/pakiti-server/src/modules/vds/sources/CveSubSources/Debian.php on line 119
benjamindonnachie commented 4 months ago

RedHat OVAL feed is now under https://access.redhat.com/security/data/oval/v2/

HavrilaJ commented 4 months ago

Hi, I updated links in install script, as we use it.

benjamindonnachie commented 3 months ago

Thanks!