search

nix-community / vulnix

Vulnerability (CVE) scanner for Nix/NixOS.
BSD 3-Clause "New" or "Revised" License
464 stars 35 forks source link

XML data feed discontinued, use JSON feed instead #55

Closed ckauhaus closed 4 years ago

ckauhaus commented 4 years ago

See https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement

NeQuissimus commented 4 years ago

Is this the cause for the following output?

λ ./result/bin/vulnix -G
Traceback (most recent call last):
  File "/nix/store/ihifrwhrqs4ws51i9njk3yxzq6rh6qmz-vulnix-1.8.2/bin/.vulnix-wrapped", line 9, in <module>
    sys.exit(main())
  File "/nix/store/5mjbf64yfqlr17pfj6xpy6h1w1xc1i57-python3.7-click-7.0/lib/python3.7/site-packages/click/core.py", line 764, in __call__
    return self.main(*args, **kwargs)
  File "/nix/store/5mjbf64yfqlr17pfj6xpy6h1w1xc1i57-python3.7-click-7.0/lib/python3.7/site-packages/click/core.py", line 717, in main
    rv = self.invoke(ctx)
  File "/nix/store/5mjbf64yfqlr17pfj6xpy6h1w1xc1i57-python3.7-click-7.0/lib/python3.7/site-packages/click/core.py", line 956, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/nix/store/5mjbf64yfqlr17pfj6xpy6h1w1xc1i57-python3.7-click-7.0/lib/python3.7/site-packages/click/core.py", line 555, in invoke
    return callback(*args, **kwargs)
  File "/nix/store/ihifrwhrqs4ws51i9njk3yxzq6rh6qmz-vulnix-1.8.2/lib/python3.7/site-packages/vulnix/main.py", line 138, in main
    nvd.update()
  File "/nix/store/ihifrwhrqs4ws51i9njk3yxzq6rh6qmz-vulnix-1.8.2/lib/python3.7/site-packages/vulnix/nvd.py", line 99, in update
    self.has_updates |= archive.update(self.mirror)
  File "/nix/store/ihifrwhrqs4ws51i9njk3yxzq6rh6qmz-vulnix-1.8.2/lib/python3.7/site-packages/vulnix/nvd.py", line 193, in update
    with Download(mirror + self.upstream_filename) as xml:
  File "/nix/store/ihifrwhrqs4ws51i9njk3yxzq6rh6qmz-vulnix-1.8.2/lib/python3.7/site-packages/vulnix/nvd.py", line 142, in __enter__
    self.xml = decompress(r.raw)
  File "/nix/store/ihifrwhrqs4ws51i9njk3yxzq6rh6qmz-vulnix-1.8.2/lib/python3.7/site-packages/vulnix/nvd.py", line 122, in decompress
    shutil.copyfileobj(f_in, tf)
  File "/nix/store/zdh16dcvjw99ybam59zd2ijb6bx138j0-python3-3.7.5/lib/python3.7/shutil.py", line 79, in copyfileobj
    buf = fsrc.read(length)
  File "/nix/store/zdh16dcvjw99ybam59zd2ijb6bx138j0-python3-3.7.5/lib/python3.7/gzip.py", line 276, in read
    return self._buffer.read(size)
  File "/nix/store/zdh16dcvjw99ybam59zd2ijb6bx138j0-python3-3.7.5/lib/python3.7/_compression.py", line 68, in readinto
    data = self.read(len(byte_view))
  File "/nix/store/zdh16dcvjw99ybam59zd2ijb6bx138j0-python3-3.7.5/lib/python3.7/gzip.py", line 463, in read
    if not self._read_gzip_header():
  File "/nix/store/zdh16dcvjw99ybam59zd2ijb6bx138j0-python3-3.7.5/lib/python3.7/gzip.py", line 411, in _read_gzip_header
    raise OSError('Not a gzipped file (%r)' % magic)
OSError: Not a gzipped file (b'<!')
ckauhaus commented 4 years ago

Yes, indeed. Working on the issue. A new release should be ready in a few days.

NeQuissimus commented 4 years ago

Ah, wonderful, I guess I don't have to dig into the cause of this then :-)

Thanks.

ckauhaus commented 4 years ago

Nearly finished, needs a bit of polish though. Expect a release at this weekend.

ckauhaus commented 4 years ago

Side note: vulnix 1.9.2 has been released on Friday. This one should just work. Be sure to try "-v" for CVSS ranking.