fix(rocky): add architectures support for advisories (#4691)
* add multi-arch support for rocky linux advisories * feat: comply with the new signature * bump trivy-db * fix tests * chore(deps): remove fork replace --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>
4
go.mod
4
go.mod
@@ -23,7 +23,7 @@ require (
|
||||
github.com/aquasecurity/table v1.8.0
|
||||
github.com/aquasecurity/testdocker v0.0.0-20230111101738-e741bda259da
|
||||
github.com/aquasecurity/tml v0.6.1
|
||||
github.com/aquasecurity/trivy-db v0.0.0-20230515061101-378ab9ed302c
|
||||
github.com/aquasecurity/trivy-db v0.0.0-20230703082116-dc52e83376ce
|
||||
github.com/aquasecurity/trivy-java-db v0.0.0-20230209231723-7cddb1406728
|
||||
github.com/aquasecurity/trivy-kubernetes v0.5.7-0.20230628140707-dae3bdb6ee81
|
||||
github.com/aws/aws-sdk-go v1.44.245
|
||||
@@ -93,7 +93,7 @@ require (
|
||||
github.com/xlab/treeprint v1.1.0
|
||||
go.etcd.io/bbolt v1.3.7
|
||||
go.uber.org/zap v1.24.0
|
||||
golang.org/x/exp v0.0.0-20230510235704-dd950f8aeaea
|
||||
golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1
|
||||
golang.org/x/mod v0.11.0
|
||||
golang.org/x/sync v0.3.0
|
||||
golang.org/x/term v0.9.0
|
||||
|
||||
8
go.sum
8
go.sum
@@ -343,8 +343,8 @@ github.com/aquasecurity/testdocker v0.0.0-20230111101738-e741bda259da h1:pj/adfN
|
||||
github.com/aquasecurity/testdocker v0.0.0-20230111101738-e741bda259da/go.mod h1:852lbQLpK2nCwlR4ZLYIccxYCfoQao6q9Nl6tjz54v8=
|
||||
github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo=
|
||||
github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY=
|
||||
github.com/aquasecurity/trivy-db v0.0.0-20230515061101-378ab9ed302c h1:mFMfHmb5GC6xrnUGk2mJcKNt5vBaFSzJx1MMW47uzB0=
|
||||
github.com/aquasecurity/trivy-db v0.0.0-20230515061101-378ab9ed302c/go.mod h1:s7x7CTxYeiFf6gPOakSsg4mCD93au4dbYplG4h0FGrs=
|
||||
github.com/aquasecurity/trivy-db v0.0.0-20230703082116-dc52e83376ce h1:swoQLWQoZ4HW13XeEji217TTcgi61MuMZdsKrqSTE0A=
|
||||
github.com/aquasecurity/trivy-db v0.0.0-20230703082116-dc52e83376ce/go.mod h1:cXuqKo+FaMY0ixJNoUcyDHdfCBRPWOysI2Td8N4fRsg=
|
||||
github.com/aquasecurity/trivy-java-db v0.0.0-20230209231723-7cddb1406728 h1:0eS+V7SXHgqoT99tV1mtMW6HL4HdoB9qGLMCb1fZp8A=
|
||||
github.com/aquasecurity/trivy-java-db v0.0.0-20230209231723-7cddb1406728/go.mod h1:Ldya37FLi0e/5Cjq2T5Bty7cFkzUDwTcPeQua+2M8i8=
|
||||
github.com/aquasecurity/trivy-kubernetes v0.5.7-0.20230628140707-dae3bdb6ee81 h1:5/tKpCr861auON/CMHSXnRzNixx1FTWAeHSwV0PtA0U=
|
||||
@@ -1811,8 +1811,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
|
||||
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
|
||||
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
|
||||
golang.org/x/exp v0.0.0-20230510235704-dd950f8aeaea h1:vLCWI/yYrdEHyN2JzIzPO3aaQJHQdp89IZBA/+azVC4=
|
||||
golang.org/x/exp v0.0.0-20230510235704-dd950f8aeaea/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
|
||||
golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc=
|
||||
golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
|
||||
@@ -4,4 +4,10 @@
|
||||
pairs:
|
||||
- key: CVE-2021-3712
|
||||
value:
|
||||
FixedVersion: 1:1.1.1k-5.el8_5
|
||||
FixedVersion: 1:1.1.1k-5.el8_5
|
||||
Entries:
|
||||
- FixedVersion: "1:1.1.1k-5.el8_5"
|
||||
Arches:
|
||||
- x86_64
|
||||
VendorIds:
|
||||
- RLSA-2021:4647
|
||||
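Review bot: The new entry spells its key `VendorIds`, while the other fixture changed in this commit (the `bpftool` bucket) uses `VendorIDs` for the same field. Whether the fixture loader matches keys case-insensitively is not visible on this page; if it does not, the vendor ID would be dropped silently and nothing in this file would flag it. Using one spelling in both fixtures, `VendorIDs:`, removes the question. This fixture also leaves `x86_64` and `RLSA-2021:4647` unquoted where the other one quotes them, which is harmless but inconsistent.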
@@ -74,7 +74,7 @@ func (s *Scanner) Detect(osVer string, _ *ftypes.Repository, pkgs []ftypes.Packa
|
||||
continue
|
||||
}
|
||||
pkgName := addModularNamespace(pkg.Name, pkg.Modularitylabel)
|
||||
advisories, err := s.vs.Get(osVer, pkgName)
|
||||
advisories, err := s.vs.Get(osVer, pkgName, pkg.Arch)
|
||||
if err != nil {
|
||||
return nil, xerrors.Errorf("failed to get Rocky Linux advisories: %w", err)
|
||||
}
|
||||
|
||||
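Review bot: `pkg.Arch` is handed to `s.vs.Get` unchecked, so the handling of a package whose `Arch` is empty or `noarch` is decided entirely inside `Get`, which this hunk does not show. For a vulnerability scanner the outcome to rule out is a silent false negative, where an advisory that lists `Arches` is skipped because the package record carries no architecture. A comment above the call would record the contract, for example `// Arch may be empty; Get is expected to keep arch-restricted advisories in that case rather than filter them out.` — assuming that is the intended behaviour, to be confirmed against the trivy-db version pinned in go.mod. The body of `Detect` starts and ends outside the hunk.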
@@ -40,7 +40,7 @@ func TestScanner_Detect(t *testing.T) {
|
||||
Epoch: 0,
|
||||
Version: "4.18.0",
|
||||
Release: "348.el8.0.3",
|
||||
Arch: "x86_64",
|
||||
Arch: "aarch64",
|
||||
SrcName: "kernel",
|
||||
SrcEpoch: 0,
|
||||
SrcVersion: "4.18.0",
|
||||
@@ -56,7 +56,7 @@ func TestScanner_Detect(t *testing.T) {
|
||||
PkgName: "bpftool",
|
||||
VulnerabilityID: "CVE-2021-20317",
|
||||
InstalledVersion: "4.18.0-348.el8.0.3",
|
||||
FixedVersion: "4.18.0-348.2.1.el8_5",
|
||||
FixedVersion: "5.18.0-348.2.1.el8_5",
|
||||
Layer: ftypes.Layer{},
|
||||
DataSource: &dbTypes.DataSource{
|
||||
ID: vulnerability.Rocky,
|
||||
|
||||
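Review bot: The existing `bpftool` case appears to have been switched from `x86_64` to `aarch64` rather than duplicated, so within the visible lines the `x86_64` entry of the fixture is no longer asserted by this case. The page has lost its +/- markers; this reads the second line of each printed pair as the new side, which agrees with the `aarch64` entry added to the fixture. Keeping the original case and adding the `aarch64` one beside it, plus one case whose `Arch` matches no entry and one with `Arch: ""`, would pin both the selection and the filtering behaviour. Other cases of `TestScanner_Detect` may exist outside the hunks shown.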
@@ -2,9 +2,17 @@
|
||||
pairs:
|
||||
- bucket: bpftool
|
||||
pairs:
|
||||
- key: CVE-2021-0129
|
||||
value:
|
||||
FixedVersion: "4.18.0-348.el8.0.2"
|
||||
- key: CVE-2021-20317
|
||||
value:
|
||||
FixedVersion: "4.18.0-348.2.1.el8_5"
|
||||
FixedVersion: "4.18.0-348.2.1.el8_5"
|
||||
Entries:
|
||||
- FixedVersion: "4.18.0-348.2.1.el8_5"
|
||||
Arches:
|
||||
- "x86_64"
|
||||
VendorIDs:
|
||||
- "RLSA-2021:4647"
|
||||
- FixedVersion: "5.18.0-348.2.1.el8_5"
|
||||
Arches:
|
||||
- "aarch64"
|
||||
VendorIDs:
|
||||
- "RLSA-2021:4647"
|
||||