search

immauss / openvas

Containers for running the Greenbone Vulnerability Manager. Run as a single container with all services or separate single applications containers via docker-compose.
GNU Affero General Public License v3.0
354 stars 102 forks source link

Your vulnerability tests are out of maintenance and not updated since September 1st 2020. #9

Closed TheUntouchable closed 4 years ago

TheUntouchable commented 4 years ago

I just redeployed the docker container today and got this message after starting the first scan.

Summary
ATTENTION:

Your vulnerability tests are out of maintenance and not updated since September 1st 2020. Your setup of Greenbone Source Edition will not report about any new threats in your scanned environment since this date!

REASON:

Your Greenbone setup is connected to a discontinued download server of the Greenbone Community Feed. The Greenbone Community Feed is still available via a new download server. The discontinuation announcement was posted on May 13th at the Greenbone Community Portal.

SOLUTION:

You can consider to upgrade your setup to a Greenbone enterprise product which also provides you the full scan coverage via Greenbone Security Feed (see PROFESSIONAL SOLUTION). Alternatively you can continue with the Greenbone Community Feed (see FREE COMMUNITY SOLUTION).

Is there a way to fix that?

TheUntouchable commented 4 years ago

I think it was fixed yesterday night ;) Merge pull request #6 from felimwhiteley/patch-1

EDIT: Okay, got the same message with the new container version..

immauss commented 4 years ago

I'm in the process of testing with the latest version, 20.08.0. Let's see if that takes care of it. I should have it live today or tomorrow. Thanks, Scott

felimwhiteley commented 4 years ago

Yeah I'd thought that would have solved it but no. Appears there is a new update mechanism (or a single managed script using various types in 20.8.0). I got a basic 20.8.0 updating ok, just the intial DB load up seems a bit mangled on my test.

immauss commented 4 years ago

Where did you see this message?

The container build completed with no issues after updating version numbers in the Dockerfile. I'm running a first scan from it now, and I see some missing dependencies for some *.nasl modules but seems to be running fine otherwise.

TheUntouchable commented 4 years ago

I got that in the scanning result list, see the screenshot 2020-09-11 11_45_44-Window

immauss commented 4 years ago

So upgrading to 20.8.0 is going to take a bit more effort than anticipated. Let me see if there is a way to resolve this in the meantime.

immauss commented 4 years ago

The URL was not updated in the start.sh script. Updated the URL, should be getting the current community feed now.

Changing the start.sh to call the feed update scripts from /usr/local/ instead of copying them in from the /scripts directory. Should prevent this sort of issues in the future should they make additional changes to the feed sync.

immauss commented 4 years ago

Thanks for spotting this and letting me know.

TheUntouchable commented 4 years ago

Thanks a lot! :)