Open Kieran-Muller opened 1 year ago
Raised a PR for review https://github.com/quay/claircore/pull/1023
Perhaps it would be worth updating goval-parser with some fresher data for the tests?
The current set of xml files seem fairly old and the current oval xml for ubuntu has been updated slightly to no longer use the <ref> element and use the <cve> element.
I'd be happy to make some updates if the team thinks it would be appropriate.
Probably worth updating, feel free to update the test files and open a PR, thanks!
@crozzy I've raised a PR to add updated ubuntu data, not urgent. https://github.com/quay/goval-parser/pull/13
Background
Package: https://github.com/quay/claircore/blob/main/pkg/ovalutil/links.go
It would appear there is an opportunity to get further vulnerability information from the Oval files returned from ubuntu and other sources.
There are extra links that can be extracted from the advisory.cve href. In the current case, the only link that would be extracted here would be https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36190. As no def.Advisory.Refs exists, sadly the link in the <cve/> element is not extracted. Example definition.
Solution
Proposed solution would be to leverage the information in the <cve/> element to get further links for all distros that parse Oval XML files, so long as the oval.Definition contains the CVE as an accessible field. It looks like it does support the CVE field (goval-parser Advisory type) with the current Cves []Cve `xml:"cve"`.
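The link collection proposed above, as an added Go example that is not code from claircore or goval-parser: it reads links from both <ref> text and <cve href> attributes, and goes one step further by keeping only absolute http(s) URLs, since feed content is external input. The Advisory and Cve types, the AdvisoryLinks function and the example.test URLs in the constructed sample are assumptions made for illustration.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"net/url"
	"strings"
)

// Stand-in types (assumption), shaped after the Cves []Cve field quoted in the issue.
type Cve struct{ Href string `xml:"href,attr"` }
type Advisory struct {
	Refs []string `xml:"ref"`
	Cves []Cve    `xml:"cve"`
}

// Constructed sample: no <ref>, only <cve href>; the second href is not a web URL.
const sampleAdvisory = `<advisory>
  <cve href="https://example.test/security/CVE-2022-36190">CVE-2022-36190</cve>
  <cve href="mailto:security@example.test">CVE-2022-36190</cve>
</advisory>`

// AdvisoryLinks returns de-duplicated links from <ref> text and <cve href> attributes.
func AdvisoryLinks(doc string) ([]string, error) {
	var adv Advisory
	if err := xml.Unmarshal([]byte(doc), &adv); err != nil {
		return nil, err
	}
	raws := adv.Refs
	for _, c := range adv.Cves {
		raws = append(raws, c.Href)
	}
	var links []string
	seen := map[string]bool{}
	for _, raw := range raws {
		u, err := url.Parse(strings.TrimSpace(raw))
		if err != nil || u.Host == "" || (u.Scheme != "http" && u.Scheme != "https") {
			continue // feed data is untrusted: keep only absolute http(s) URLs
		}
		if s := u.String(); !seen[s] {
			seen[s] = true
			links = append(links, s)
		}
	}
	return links, nil
}

func main() { fmt.Println(AdvisoryLinks(sampleAdvisory)) }
```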