search

canonical / sec-cvescan

Analyzes an Ubuntu system and checks for unpatched vulnerabilities.
GNU General Public License v3.0
88 stars 31 forks source link

CVE data not yet published for Impish Indiri #85

Closed kfiresmith closed 3 years ago

kfiresmith commented 3 years ago

Looks like we don't have content for Impish yet: https://people.canonical.com/~ubuntu-security/cvescan/?C=M;O=D

Results in traceback (would be nice if this exception could be caught gracefully to provide error message instead of traceback):

$ cvescan
❌ Download Failed! 
Traceback (most recent call last):
  File "/snap/cvescan/281/lib/python3.6/site-packages/ust_download_cache/ust_download_cache.py", line 169, in _download
    r.raise_for_status()
  File "/snap/cvescan/281/lib/python3.6/site-packages/requests/models.py", line 941, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 404 Client Error: Not Found for url: https://people.canonical.com/~ubuntu-security/cvescan/ubuntu-vuln-db-impish.json.bz2

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/snap/cvescan/281/bin/cvescan", line 33, in <module>
    sys.exit(load_entry_point('cvescan==2.5.0', 'console_scripts', 'cvescan')())
  File "/snap/cvescan/281/lib/python3.6/site-packages/cvescan/__main__.py", line 70, in main
    uct_data = load_uct_data(opt, download_cache, target_sysinfo)
  File "/snap/cvescan/281/lib/python3.6/site-packages/cvescan/__main__.py", line 228, in wrapper
    raise ex
  File "/snap/cvescan/281/lib/python3.6/site-packages/cvescan/__main__.py", line 223, in wrapper
    return_value = func(*args, **kwargs)
  File "/snap/cvescan/281/lib/python3.6/site-packages/cvescan/__main__.py", line 246, in load_uct_data
    uct_data = download_cache.get_data_from_url(uct_data_url)
  File "/snap/cvescan/281/lib/python3.6/site-packages/ust_download_cache/ust_download_cache.py", line 104, in get_data_from_url
    return self._get_from_url(url)["data"]
  File "/snap/cvescan/281/lib/python3.6/site-packages/ust_download_cache/ust_download_cache.py", line 110, in _get_from_url
    path = self._get_cached_file_path(url)
  File "/snap/cvescan/281/lib/python3.6/site-packages/ust_download_cache/ust_download_cache.py", line 128, in _get_cached_file_path
    self._download_and_cache_file(url)
  File "/snap/cvescan/281/lib/python3.6/site-packages/ust_download_cache/ust_download_cache.py", line 145, in _download_and_cache_file
    self._download(url, downloaded_file_path)
  File "/snap/cvescan/281/lib/python3.6/site-packages/ust_download_cache/ust_download_cache.py", line 172, in _download
    raise DownloadError("Downloading %s failed: %s" % (download_url, ex))
ust_download_cache.errors.DownloadError: Downloading https://people.canonical.com/~ubuntu-security/cvescan/ubuntu-vuln-db-impish.json.bz2 failed: 404 Client Error: Not Found for url: https://people.canonical.com/~ubuntu-security/cvescan/ubuntu-vuln-db-impish.json.bz2
alexmurray commented 3 years ago

This has been resolved now:

[amurray:~] $ lsb_release  -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 21.10
Release:    21.10
Codename:   impish
[amurray:~] $ cvescan
✅ Ubuntu vulnerability datbase successfully downloaded! 
✅ Scan complete!

Summary
------------------------------------  --------------
Ubuntu Release                        impish
Installed Packages                    2228
CVE Priority                          high or higher
Unique Packages Fixable by Patching   0
Unique CVEs Fixable by Patching       0
Vulnerabilities Fixable by Patching   0
Fixes Available by `apt-get upgrade`  0
------------------------------------  --------------
[amurray:~] 4s 3 $
kfiresmith commented 3 years ago

Thanks @alexmurray !