From 3e7a48372299231dc7383964c514969efa296d1e Mon Sep 17 00:00:00 2001 From: Michael Drake Date: Tue, 14 Apr 2015 13:56:27 +0000 Subject: Make it easier to add software to internal DB Change-Id: Ib4fe778ce09451d6d54d6012266c9aa7333ac2fe --- morphlib/plugins/cve_check_plugin.py | 34 +++++++++++++++++++++++++--------- 1 file changed, 25 insertions(+), 9 deletions(-) diff --git a/morphlib/plugins/cve_check_plugin.py b/morphlib/plugins/cve_check_plugin.py index 8a3694e0..a80c10e1 100644 --- a/morphlib/plugins/cve_check_plugin.py +++ b/morphlib/plugins/cve_check_plugin.py @@ -146,15 +146,31 @@ class CVEDataBase: # For now it just creates a hardcoded DB self.db = [] - # Add LibPNG - libpng = CVESoftware('libpng') - libpng.add_cve('CVE-2014-9495', - [['0', '1.5.20'], - ['1.6.9', '1.6.15']]) - libpng.add_cve('CVE-2014-0333', - [['1.6.0', '1.6.9']]) - - self.db.append(libpng) + self._add_software('libpng', + [['CVE-2014-9495', [['0', '1.5.20'], + ['1.6.9', '1.6.15']]], + ['CVE-2014-0333', [['1.6.0', '1.6.9' ]]] + ]) + + self._add_software('openssl-new', + [['CVE-2014-3567', [['1.0.1', '1.0.1i' ], + ['1.0.0', '1.0.0n' ], + ['0.9.8', '0.9.8zc']]], + ['CVE-2014-3568', [['1.0.1', '1.0.1i' ], + ['1.0.0', '1.0.0n' ], + ['0.9.8', '0.9.8zc']]], + ['CVE-2014-3513', [['1.0.1', '1.0.1i' ]]], + ['CVE-2015-0289', [['1.0.2', '1.0.2' ], + ['1.0.1', '1.0.1l' ], + ['1.0.0', '1.0.0q' ], + ['0.9.8', '0.9.8ze']]] + ]) + + def _add_software(self, name, cves): + sw = CVESoftware(name) + for v in cves: + sw.add_cve(v[0], v[1]) + self.db.append(sw) def check_vulnerability(self, name, version): for s in self.db: -- cgit v1.2.1