ついに!

書き忘れました。古いSQLite3を削除して、go-cve-dictionaryのfetchnvd, fetchjvnし直してください。

— vuls (@vuls_ja) January 31, 2018

久しぶりにVulsブログですが、
今回最新アップデートするとエラー出まくりだからわからん!!
と元同僚センパイ(インフラエンジニア)に質問されたので、How toをブログします。
今回は例外ですな。

■Environment

$ cat /etc/redhat-release

CentOS Linux release 7.4.1708 (Core)

$ vuls -v

vuls v0.4.2 0e87360

$ go version

go version go1.9.2 linux/amd64

■Delete sqlite3

古いSQLite3を削除からの、
go-cve-dictionary(fetchnvd, fetchjvn)し直す必要があるので、
これまた長い…

# ll

合計 884700

-rw-r--r-- 1 vuls vuls 4906 1月 12 16:17 config.toml

-rw-r--r-- 1 vuls vuls 889237504 2月 1 10:00 cve.sqlite3

-rw-r--r-- 1 vuls vuls 32768 2月 1 10:01 cve.sqlite3-shm

-rw-r--r-- 1 vuls vuls 0 2月 1 10:01 cve.sqlite3-wal

-rw-r--r-- 1 vuls vuls 16650240 2月 1 10:00 oval.sqlite3

drwx------ 7 vuls vuls 186 2月 1 10:01 results/

-rwxr-xr-x 1 vuls vuls 2108 12月 19 18:08 vuls_autoscan.sh*

# rm -rf cve.sqlite3 cve.sqlite3-shm cve.sqlite3-wal oval.sqlite3

$ for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done

$ for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done

■Update go-cve-dictionary

https://vuls.io/docs/ja/misc-update-vuls.html

↑最近ドキュメントがギッハブじゃなくなりました！?
あとは通常通りにやればOK

$ cd $GOPATH/src/github.com/kotakanbe/go-cve-dictionary

[~/go/src/github.com/kotakanbe/go-cve-dictionary]

$ git pull

remote: Counting objects: 123, done.

remote: Compressing objects: 100% (57/57), done.

remote: Total 123 (delta 62), reused 111 (delta 55), pack-reused 2

Receiving objects: 100% (123/123), 24.21 KiB | 0 bytes/s, done.

Resolving deltas: 100% (62/62), completed with 12 local objects.

From https://github.com/kotakanbe/go-cve-dictionary

fad7cfc..fde7146 master -> origin/master

* [new branch] fix-multi-cve-jvn -> origin/fix-multi-cve-jvn

* [new branch] nvd-json -> origin/nvd-json

Updating fad7cfc..fde7146

Fast-forward

Gopkg.lock | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------

Gopkg.toml | 3 ---

commands/fetchnvd.go | 14 ++++++++++---

db/db.go | 51 ++++++++++++++++++++++-----------------------

db/rdb.go | 6 ++++++

db/redis.go | 47 ++++++++++++++++++++++++++++++++++++++++++

log/log.go | 2 +-

nvd/nvd.go | 11 ++++++++--

8 files changed, 183 insertions(+), 72 deletions(-)

$ rm -rf vendor

$ rm -rf $GOPATH/pkg

$ make install

go get -u github.com/golang/dep/...

dep ensure

go install -ldflags "-X 'main.version=v0.1.1' -X 'main.revision=fde7146'"

■Update go-cve-dictionary

$ cd $GOPATH/src/github.com/kotakanbe/goval-dictionary

[~/go/src/github.com/kotakanbe/goval-dictionary]

$ git pull

remote: Counting objects: 59, done.

remote: Compressing objects: 100% (21/21), done.

remote: Total 59 (delta 37), reused 54 (delta 34), pack-reused 2

Unpacking objects: 100% (59/59), done.

From https://github.com/kotakanbe/goval-dictionary

d09dd91..eda9803 master -> origin/master

* [new branch] amazon-rss -> origin/amazon-rss

Updating d09dd91..eda9803

Fast-forward

Gopkg.lock | 85 ++++++++++++++++++++++++++++++---------------

README.md | 51 +++++++++++++++++++++++++++

commands/fetch-amazon.go | 135 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

commands/select.go | 10 +++---

config/config.go | 3 ++

db/rdb/alpine.go | 21 +++++++++---

db/rdb/amazon.go | 193 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

db/rdb/debian.go | 3 +-

db/rdb/oracle.go | 5 +--

db/rdb/rdb.go | 2 ++

db/rdb/redhat.go | 5 +--

db/rdb/suse.go | 5 +--

db/rdb/ubuntu.go | 5 +--

db/redis.go | 7 ++--

fetcher/alpine.go | 4 +++

fetcher/amazon.go | 25 ++++++++++++++

fetcher/debian.go | 6 +++-

fetcher/oracle.go | 4 +++

fetcher/redhat.go | 4 +++

fetcher/suse.go | 4 +++

fetcher/ubuntu.go | 6 +++-

log/log.go | 2 +-

main.go | 3 +-

models/alpine.go | 7 ++++

models/amazon.go | 87 ++++++++++++++++++++++++++++++++++++++++++++++

25 files changed, 621 insertions(+), 61 deletions(-)

create mode 100644 commands/fetch-amazon.go

create mode 100644 db/rdb/amazon.go

create mode 100644 fetcher/amazon.go

create mode 100644 models/amazon.go

$ rm -rf vendor

$ make install

fatal: No names found, cannot describe anything.

go get -u github.com/golang/dep/...

dep ensure

go install -ldflags "-X 'main.version=' -X 'main.revision=eda9803'"

■Update vuls

$ cd $GOPATH/src/github.com/future-architect/vuls

[~/go/src/github.com/future-architect/vuls]

$ git pull

remote: Counting objects: 97, done.

remote: Compressing objects: 100% (4/4), done.

remote: Total 97 (delta 56), reused 59 (delta 56), pack-reused 37

Unpacking objects: 100% (97/97), done.

From https://github.com/future-architect/vuls

0e87360..d926b7f master -> origin/master

* [new branch] depup -> origin/depup

* [new branch] fix-oval-http -> origin/fix-oval-http

* [new branch] logging-if-no-owasp-dc -> origin/logging-if-no-owasp-dc

* [new branch] offline -> origin/offline

* [new branch] readme-vulsdoc -> origin/readme-vulsdoc

dad7e70..9ed7c2a v0.5.0 -> origin/v0.5.0

Updating 0e87360..d926b7f

Fast-forward

Gopkg.lock | 187 ++++++--

Gopkg.toml | 35 +-

README.ja.md | 1984 -------------------------------------------------------------------------------

README.md | 1854 +------------------------------------------------------------------------

commands/configtest.go | 25 +-

commands/scan.go | 25 +-

config/config.go | 12 +

contrib/owasp-dependency-check/parser/parser.go | 8 +-

models/packages.go | 8 +-

oval/redhat.go | 2 +-

oval/util.go | 15 +-

report/s3.go | 2 +-

scan/debian.go | 17 +-

scan/redhat.go | 17 +-

setup/docker/README.md | 226 +--------

setup/docker/go-cve-dictionary/latest/README.md | 89 ----

setup/docker/goval-dictionary/latest/README.md | 125 -----

setup/docker/vuls/latest/README.md | 125 -----

setup/docker/vulsrepo/latest/README.md | 47 --

util/logutil.go | 2 +-

20 files changed, 291 insertions(+), 4514 deletions(-)

delete mode 100644 README.ja.md

delete mode 100644 setup/docker/go-cve-dictionary/latest/README.md

delete mode 100644 setup/docker/goval-dictionary/latest/README.md

delete mode 100644 setup/docker/vuls/latest/README.md

delete mode 100644 setup/docker/vulsrepo/latest/README.md

$ rm -rf vendor

$ make install

go get -u github.com/golang/dep/...

dep ensure

golang.org/x/tools/go/gcimporter15

golang.org/x/tools/go/gcexportdata

github.com/golang/lint

github.com/golang/lint/golint

golint cache/bolt.go || exit; golint cache/bolt_test.go || exit; golint cache/db.go || exit; golint commands/configtest.go || exit; golint commands/discover.go || exit; golint commands/history.go || exit; golint commands/report.go || exit; golint commands/scan.go || exit; golint commands/tui.go || exit; golint commands/util.go || exit; golint commands/util_test.go || exit; golint config/color.go || exit; golint config/config.go || exit; golint config/jsonloader.go || exit; golint config/loader.go || exit; golint config/tomlloader.go || exit; golint contrib/owasp-dependency-check/parser/parser.go || exit; golint main.go || exit; golint models/cvecontents.go || exit; golint models/cvecontents_test.go || exit; golint models/models.go || exit; golint models/models_test.go || exit; golint models/packages.go || exit; golint models/packages_test.go || exit; golint models/scanresults.go || exit; golint models/scanresults_test.go || exit; golint models/utils.go || exit; golint models/vulninfos.go || exit; golint models/vulninfos_test.go || exit; golint oval/alpine.go || exit; golint oval/debian.go || exit; golint oval/debian_test.go || exit; golint oval/oval.go || exit; golint oval/redhat.go || exit; golint oval/redhat_test.go || exit; golint oval/suse.go || exit; golint oval/util.go || exit; golint oval/util_test.go || exit; golint report/azureblob.go || exit; golint report/cve_client.go || exit; golint report/email.go || exit; golint report/email_test.go || exit; golint report/localfile.go || exit; golint report/report.go || exit; golint report/report_test.go || exit; golint report/s3.go || exit; golint report/slack.go || exit; golint report/slack_test.go || exit; golint report/stdout.go || exit; golint report/tui.go || exit; golint report/util.go || exit; golint report/util_test.go || exit; golint report/writer.go || exit; golint scan/alpine.go || exit; golint scan/alpine_test.go || exit; golint scan/base.go || exit; golint scan/base_test.go || exit; golint scan/debian.go || exit; golint scan/debian_test.go || exit; golint scan/executil.go || exit; golint scan/executil_test.go || exit; golint scan/freebsd.go || exit; golint scan/freebsd_test.go || exit; golint scan/pseudo.go || exit; golint scan/redhat.go || exit; golint scan/redhat_test.go || exit; golint scan/serverapi.go || exit; golint scan/serverapi_test.go || exit; golint scan/suse.go || exit; golint scan/suse_test.go || exit; golint scan/unknownDistro.go || exit; golint scan/utils.go || exit; golint scan/utils_test.go || exit; golint util/logutil.go || exit; golint util/util.go || exit; golint util/util_test.go || exit;

cache/bolt.go:186:3: redundant if ...; err != nil check, just return error instead.

report/localfile.go:135:2: redundant if ...; err != nil check, just return error instead.

report/report.go:150:2: redundant if ...; err != nil check, just return error instead.

report/report.go:210:2: redundant if ...; err != nil check, just return error instead.

report/tui.go:471:2: redundant if ...; err != nil check, just return error instead.

report/tui.go:482:2: redundant if ...; err != nil check, just return error instead.

report/tui.go:493:2: redundant if ...; err != nil check, just return error instead.

report/tui.go:548:2: redundant if ...; err != nil check, just return error instead.

report/tui.go:568:2: redundant if ...; err != nil check, just return error instead.

scan/serverapi.go:425:2: redundant if ...; err != nil check, just return error instead.

# @-go get -v golang.org/x/tools/cmd/vet

echo ./. ./cache ./commands ./config ./models ./oval ./report ./scan ./util | xargs go vet || exit;

gofmt -s -d cache/bolt.go; gofmt -s -d cache/bolt_test.go; gofmt -s -d cache/db.go; gofmt -s -d commands/configtest.go; gofmt -s -d commands/discover.go; gofmt -s -d commands/history.go; gofmt -s -d commands/report.go; gofmt -s -d commands/scan.go; gofmt -s -d commands/tui.go; gofmt -s -d commands/util.go; gofmt -s -d commands/util_test.go; gofmt -s -d config/color.go; gofmt -s -d config/config.go; gofmt -s -d config/jsonloader.go; gofmt -s -d config/loader.go; gofmt -s -d config/tomlloader.go; gofmt -s -d contrib/owasp-dependency-check/parser/parser.go; gofmt -s -d main.go; gofmt -s -d models/cvecontents.go; gofmt -s -d models/cvecontents_test.go; gofmt -s -d models/models.go; gofmt -s -d models/models_test.go; gofmt -s -d models/packages.go; gofmt -s -d models/packages_test.go; gofmt -s -d models/scanresults.go; gofmt -s -d models/scanresults_test.go; gofmt -s -d models/utils.go; gofmt -s -d models/vulninfos.go; gofmt -s -d models/vulninfos_test.go; gofmt -s -d oval/alpine.go; gofmt -s -d oval/debian.go; gofmt -s -d oval/debian_test.go; gofmt -s -d oval/oval.go; gofmt -s -d oval/redhat.go; gofmt -s -d oval/redhat_test.go; gofmt -s -d oval/suse.go; gofmt -s -d oval/util.go; gofmt -s -d oval/util_test.go; gofmt -s -d report/azureblob.go; gofmt -s -d report/cve_client.go; gofmt -s -d report/email.go; gofmt -s -d report/email_test.go; gofmt -s -d report/localfile.go; gofmt -s -d report/report.go; gofmt -s -d report/report_test.go; gofmt -s -d report/s3.go; gofmt -s -d report/slack.go; gofmt -s -d report/slack_test.go; gofmt -s -d report/stdout.go; gofmt -s -d report/tui.go; gofmt -s -d report/util.go; gofmt -s -d report/util_test.go; gofmt -s -d report/writer.go; gofmt -s -d scan/alpine.go; gofmt -s -d scan/alpine_test.go; gofmt -s -d scan/base.go; gofmt -s -d scan/base_test.go; gofmt -s -d scan/debian.go; gofmt -s -d scan/debian_test.go; gofmt -s -d scan/executil.go; gofmt -s -d scan/executil_test.go; gofmt -s -d scan/freebsd.go; gofmt -s -d scan/freebsd_test.go; gofmt -s -d scan/pseudo.go; gofmt -s -d scan/redhat.go; gofmt -s -d scan/redhat_test.go; gofmt -s -d scan/serverapi.go; gofmt -s -d scan/serverapi_test.go; gofmt -s -d scan/suse.go; gofmt -s -d scan/suse_test.go; gofmt -s -d scan/unknownDistro.go; gofmt -s -d scan/utils.go; gofmt -s -d scan/utils_test.go; gofmt -s -d util/logutil.go; gofmt -s -d util/util.go; gofmt -s -d util/util_test.go;

go install -ldflags "-X 'main.version=v0.4.2' -X 'main.revision=d926b7f'"

$ vuls -v

vuls v0.4.2 d926b7f

?

■まとめ

これで日本語化される脆弱性情報が増えるので、
アップデートしてない方はマストでやりましょう！
vuls-dockerの場合は$ docker rmi vuls/vuls $ docker pull vuls/vulsしてSQLite3取得し直すだけ!

そういえばクラウド版Vuls「FutureVuls」がリリースされましたね。
トライアルあれば使ってみたい…
https://vuls.biz/#Page1

[Vuls][v0.4.2 d926b7f][go-cve-dictionary]JVNのinsert処理バグが治ったのでアップデート!

投稿者: adachin 投稿日: 2018/02/012018/02/01

ついに!

■Environment

■Delete sqlite3

■Update go-cve-dictionary

■Update go-cve-dictionary

■Update vuls

?

■まとめ

adachin

0件のコメント

コメントを残すコメントをキャンセル

[2024/08/20]Vuls祭り#10 | 脆弱性管理の最前線〜リスク評価からSSVC、VEX、AIまで〜に参加してきた

[コンテナイメージセキュリティチェック]Dockleを使ってコンテナのセキュリティ診断をしてみた！

[コンテナイメージ脆弱性スキャナ]Trivyをやっと試してみた！

[Vuls][v0.4.2 d926b7f][go-cve-dictionary]JVNのinsert処理バグが治ったのでアップデート!

投稿者: adachin 投稿日: 2018/02/012018/02/01

ついに!

■Environment

■Delete sqlite3

■Update go-cve-dictionary

■Update go-cve-dictionary

■Update vuls

?

■まとめ

adachin

0件のコメント

コメントを残すコメントをキャンセル

関連投稿

[2024/08/20]Vuls祭り#10 | 脆弱性管理の最前線〜 リスク評価からSSVC、VEX、AIまで〜に参加してきた

[コンテナイメージセキュリティチェック]Dockleを使ってコンテナのセキュリティ診断をしてみた！

[コンテナイメージ脆弱性スキャナ]Trivyをやっと試してみた！

[2024/08/20]Vuls祭り#10 | 脆弱性管理の最前線〜リスク評価からSSVC、VEX、AIまで〜に参加してきた