ついに!
書き忘れました。古いSQLite3を削除して、go-cve-dictionaryのfetchnvd, fetchjvnし直してください。
— vuls (@vuls_ja) January 31, 2018
久しぶりにVulsブログですが、
今回最新アップデートするとエラー出まくりだからわからん!!
と元同僚センパイ(インフラエンジニア)に質問されたので、How toをブログします。
今回は例外ですな。
■Environment
1 2 3 4 5 6 7 8 |
$ cat /etc/redhat-release CentOS Linux release 7.4.1708 (Core) $ vuls -v vuls v0.4.2 0e87360 $ go version go version go1.9.2 linux/amd64 |
■Delete sqlite3
古いSQLite3を削除からの、
go-cve-dictionary(fetchnvd, fetchjvn)し直す必要があるので、
これまた長い…
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
# ll 合計 884700 -rw-r--r-- 1 vuls vuls 4906 1月 12 16:17 config.toml -rw-r--r-- 1 vuls vuls 889237504 2月 1 10:00 cve.sqlite3 -rw-r--r-- 1 vuls vuls 32768 2月 1 10:01 cve.sqlite3-shm -rw-r--r-- 1 vuls vuls 0 2月 1 10:01 cve.sqlite3-wal -rw-r--r-- 1 vuls vuls 16650240 2月 1 10:00 oval.sqlite3 drwx------ 7 vuls vuls 186 2月 1 10:01 results/ -rwxr-xr-x 1 vuls vuls 2108 12月 19 18:08 vuls_autoscan.sh* # rm -rf cve.sqlite3 cve.sqlite3-shm cve.sqlite3-wal oval.sqlite3 $ for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done $ for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done |
■Update go-cve-dictionary
https://vuls.io/docs/ja/misc-update-vuls.html
↑最近ドキュメントがギッハブじゃなくなりました!?
あとは通常通りにやればOK
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
$ cd $GOPATH/src/github.com/kotakanbe/go-cve-dictionary [~/go/src/github.com/kotakanbe/go-cve-dictionary] $ git pull remote: Counting objects: 123, done. remote: Compressing objects: 100% (57/57), done. remote: Total 123 (delta 62), reused 111 (delta 55), pack-reused 2 Receiving objects: 100% (123/123), 24.21 KiB | 0 bytes/s, done. Resolving deltas: 100% (62/62), completed with 12 local objects. From https://github.com/kotakanbe/go-cve-dictionary fad7cfc..fde7146 master -> origin/master * [new branch] fix-multi-cve-jvn -> origin/fix-multi-cve-jvn * [new branch] nvd-json -> origin/nvd-json Updating fad7cfc..fde7146 Fast-forward Gopkg.lock | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------------- Gopkg.toml | 3 --- commands/fetchnvd.go | 14 ++++++++++--- db/db.go | 51 ++++++++++++++++++++++----------------------- db/rdb.go | 6 ++++++ db/redis.go | 47 ++++++++++++++++++++++++++++++++++++++++++ log/log.go | 2 +- nvd/nvd.go | 11 ++++++++-- 8 files changed, 183 insertions(+), 72 deletions(-) $ rm -rf vendor $ rm -rf $GOPATH/pkg $ make install go get -u github.com/golang/dep/... dep ensure go install -ldflags "-X 'main.version=v0.1.1' -X 'main.revision=fde7146'" |
■Update go-cve-dictionary
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
$ cd $GOPATH/src/github.com/kotakanbe/goval-dictionary [~/go/src/github.com/kotakanbe/goval-dictionary] $ git pull remote: Counting objects: 59, done. remote: Compressing objects: 100% (21/21), done. remote: Total 59 (delta 37), reused 54 (delta 34), pack-reused 2 Unpacking objects: 100% (59/59), done. From https://github.com/kotakanbe/goval-dictionary d09dd91..eda9803 master -> origin/master * [new branch] amazon-rss -> origin/amazon-rss Updating d09dd91..eda9803 Fast-forward Gopkg.lock | 85 ++++++++++++++++++++++++++++++--------------- README.md | 51 +++++++++++++++++++++++++++ commands/fetch-amazon.go | 135 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ commands/select.go | 10 +++--- config/config.go | 3 ++ db/rdb/alpine.go | 21 +++++++++--- db/rdb/amazon.go | 193 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ db/rdb/debian.go | 3 +- db/rdb/oracle.go | 5 +-- db/rdb/rdb.go | 2 ++ db/rdb/redhat.go | 5 +-- db/rdb/suse.go | 5 +-- db/rdb/ubuntu.go | 5 +-- db/redis.go | 7 ++-- fetcher/alpine.go | 4 +++ fetcher/amazon.go | 25 ++++++++++++++ fetcher/debian.go | 6 +++- fetcher/oracle.go | 4 +++ fetcher/redhat.go | 4 +++ fetcher/suse.go | 4 +++ fetcher/ubuntu.go | 6 +++- log/log.go | 2 +- main.go | 3 +- models/alpine.go | 7 ++++ models/amazon.go | 87 ++++++++++++++++++++++++++++++++++++++++++++++ 25 files changed, 621 insertions(+), 61 deletions(-) create mode 100644 commands/fetch-amazon.go create mode 100644 db/rdb/amazon.go create mode 100644 fetcher/amazon.go create mode 100644 models/amazon.go $ rm -rf vendor $ make install fatal: No names found, cannot describe anything. go get -u github.com/golang/dep/... dep ensure go install -ldflags "-X 'main.version=' -X 'main.revision=eda9803'" |
■Update vuls
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 |
$ cd $GOPATH/src/github.com/future-architect/vuls [~/go/src/github.com/future-architect/vuls] $ git pull remote: Counting objects: 97, done. remote: Compressing objects: 100% (4/4), done. remote: Total 97 (delta 56), reused 59 (delta 56), pack-reused 37 Unpacking objects: 100% (97/97), done. From https://github.com/future-architect/vuls 0e87360..d926b7f master -> origin/master * [new branch] depup -> origin/depup * [new branch] fix-oval-http -> origin/fix-oval-http * [new branch] logging-if-no-owasp-dc -> origin/logging-if-no-owasp-dc * [new branch] offline -> origin/offline * [new branch] readme-vulsdoc -> origin/readme-vulsdoc dad7e70..9ed7c2a v0.5.0 -> origin/v0.5.0 Updating 0e87360..d926b7f Fast-forward Gopkg.lock | 187 ++++++-- Gopkg.toml | 35 +- README.ja.md | 1984 ------------------------------------------------------------------------------- README.md | 1854 +------------------------------------------------------------------------ commands/configtest.go | 25 +- commands/scan.go | 25 +- config/config.go | 12 + contrib/owasp-dependency-check/parser/parser.go | 8 +- models/packages.go | 8 +- oval/redhat.go | 2 +- oval/util.go | 15 +- report/s3.go | 2 +- scan/debian.go | 17 +- scan/redhat.go | 17 +- setup/docker/README.md | 226 +-------- setup/docker/go-cve-dictionary/latest/README.md | 89 ---- setup/docker/goval-dictionary/latest/README.md | 125 ----- setup/docker/vuls/latest/README.md | 125 ----- setup/docker/vulsrepo/latest/README.md | 47 -- util/logutil.go | 2 +- 20 files changed, 291 insertions(+), 4514 deletions(-) delete mode 100644 README.ja.md delete mode 100644 setup/docker/go-cve-dictionary/latest/README.md delete mode 100644 setup/docker/goval-dictionary/latest/README.md delete mode 100644 setup/docker/vuls/latest/README.md delete mode 100644 setup/docker/vulsrepo/latest/README.md $ rm -rf vendor $ make install go get -u github.com/golang/dep/... dep ensure golang.org/x/tools/go/gcimporter15 golang.org/x/tools/go/gcexportdata github.com/golang/lint github.com/golang/lint/golint golint cache/bolt.go || exit; golint cache/bolt_test.go || exit; golint cache/db.go || exit; golint commands/configtest.go || exit; golint commands/discover.go || exit; golint commands/history.go || exit; golint commands/report.go || exit; golint commands/scan.go || exit; golint commands/tui.go || exit; golint commands/util.go || exit; golint commands/util_test.go || exit; golint config/color.go || exit; golint config/config.go || exit; golint config/jsonloader.go || exit; golint config/loader.go || exit; golint config/tomlloader.go || exit; golint contrib/owasp-dependency-check/parser/parser.go || exit; golint main.go || exit; golint models/cvecontents.go || exit; golint models/cvecontents_test.go || exit; golint models/models.go || exit; golint models/models_test.go || exit; golint models/packages.go || exit; golint models/packages_test.go || exit; golint models/scanresults.go || exit; golint models/scanresults_test.go || exit; golint models/utils.go || exit; golint models/vulninfos.go || exit; golint models/vulninfos_test.go || exit; golint oval/alpine.go || exit; golint oval/debian.go || exit; golint oval/debian_test.go || exit; golint oval/oval.go || exit; golint oval/redhat.go || exit; golint oval/redhat_test.go || exit; golint oval/suse.go || exit; golint oval/util.go || exit; golint oval/util_test.go || exit; golint report/azureblob.go || exit; golint report/cve_client.go || exit; golint report/email.go || exit; golint report/email_test.go || exit; golint report/localfile.go || exit; golint report/report.go || exit; golint report/report_test.go || exit; golint report/s3.go || exit; golint report/slack.go || exit; golint report/slack_test.go || exit; golint report/stdout.go || exit; golint report/tui.go || exit; golint report/util.go || exit; golint report/util_test.go || exit; golint report/writer.go || exit; golint scan/alpine.go || exit; golint scan/alpine_test.go || exit; golint scan/base.go || exit; golint scan/base_test.go || exit; golint scan/debian.go || exit; golint scan/debian_test.go || exit; golint scan/executil.go || exit; golint scan/executil_test.go || exit; golint scan/freebsd.go || exit; golint scan/freebsd_test.go || exit; golint scan/pseudo.go || exit; golint scan/redhat.go || exit; golint scan/redhat_test.go || exit; golint scan/serverapi.go || exit; golint scan/serverapi_test.go || exit; golint scan/suse.go || exit; golint scan/suse_test.go || exit; golint scan/unknownDistro.go || exit; golint scan/utils.go || exit; golint scan/utils_test.go || exit; golint util/logutil.go || exit; golint util/util.go || exit; golint util/util_test.go || exit; cache/bolt.go:186:3: redundant if ...; err != nil check, just return error instead. report/localfile.go:135:2: redundant if ...; err != nil check, just return error instead. report/report.go:150:2: redundant if ...; err != nil check, just return error instead. report/report.go:210:2: redundant if ...; err != nil check, just return error instead. report/tui.go:471:2: redundant if ...; err != nil check, just return error instead. report/tui.go:482:2: redundant if ...; err != nil check, just return error instead. report/tui.go:493:2: redundant if ...; err != nil check, just return error instead. report/tui.go:548:2: redundant if ...; err != nil check, just return error instead. report/tui.go:568:2: redundant if ...; err != nil check, just return error instead. scan/serverapi.go:425:2: redundant if ...; err != nil check, just return error instead. # @-go get -v golang.org/x/tools/cmd/vet echo ./. ./cache ./commands ./config ./models ./oval ./report ./scan ./util | xargs go vet || exit; gofmt -s -d cache/bolt.go; gofmt -s -d cache/bolt_test.go; gofmt -s -d cache/db.go; gofmt -s -d commands/configtest.go; gofmt -s -d commands/discover.go; gofmt -s -d commands/history.go; gofmt -s -d commands/report.go; gofmt -s -d commands/scan.go; gofmt -s -d commands/tui.go; gofmt -s -d commands/util.go; gofmt -s -d commands/util_test.go; gofmt -s -d config/color.go; gofmt -s -d config/config.go; gofmt -s -d config/jsonloader.go; gofmt -s -d config/loader.go; gofmt -s -d config/tomlloader.go; gofmt -s -d contrib/owasp-dependency-check/parser/parser.go; gofmt -s -d main.go; gofmt -s -d models/cvecontents.go; gofmt -s -d models/cvecontents_test.go; gofmt -s -d models/models.go; gofmt -s -d models/models_test.go; gofmt -s -d models/packages.go; gofmt -s -d models/packages_test.go; gofmt -s -d models/scanresults.go; gofmt -s -d models/scanresults_test.go; gofmt -s -d models/utils.go; gofmt -s -d models/vulninfos.go; gofmt -s -d models/vulninfos_test.go; gofmt -s -d oval/alpine.go; gofmt -s -d oval/debian.go; gofmt -s -d oval/debian_test.go; gofmt -s -d oval/oval.go; gofmt -s -d oval/redhat.go; gofmt -s -d oval/redhat_test.go; gofmt -s -d oval/suse.go; gofmt -s -d oval/util.go; gofmt -s -d oval/util_test.go; gofmt -s -d report/azureblob.go; gofmt -s -d report/cve_client.go; gofmt -s -d report/email.go; gofmt -s -d report/email_test.go; gofmt -s -d report/localfile.go; gofmt -s -d report/report.go; gofmt -s -d report/report_test.go; gofmt -s -d report/s3.go; gofmt -s -d report/slack.go; gofmt -s -d report/slack_test.go; gofmt -s -d report/stdout.go; gofmt -s -d report/tui.go; gofmt -s -d report/util.go; gofmt -s -d report/util_test.go; gofmt -s -d report/writer.go; gofmt -s -d scan/alpine.go; gofmt -s -d scan/alpine_test.go; gofmt -s -d scan/base.go; gofmt -s -d scan/base_test.go; gofmt -s -d scan/debian.go; gofmt -s -d scan/debian_test.go; gofmt -s -d scan/executil.go; gofmt -s -d scan/executil_test.go; gofmt -s -d scan/freebsd.go; gofmt -s -d scan/freebsd_test.go; gofmt -s -d scan/pseudo.go; gofmt -s -d scan/redhat.go; gofmt -s -d scan/redhat_test.go; gofmt -s -d scan/serverapi.go; gofmt -s -d scan/serverapi_test.go; gofmt -s -d scan/suse.go; gofmt -s -d scan/suse_test.go; gofmt -s -d scan/unknownDistro.go; gofmt -s -d scan/utils.go; gofmt -s -d scan/utils_test.go; gofmt -s -d util/logutil.go; gofmt -s -d util/util.go; gofmt -s -d util/util_test.go; go install -ldflags "-X 'main.version=v0.4.2' -X 'main.revision=d926b7f'" $ vuls -v vuls v0.4.2 d926b7f |
?
■まとめ
これで日本語化される脆弱性情報が増えるので、
アップデートしてない方はマストでやりましょう!
vuls-dockerの場合は$ docker rmi vuls/vuls $ docker pull vuls/vulsしてSQLite3取得し直すだけ!
そういえばクラウド版Vuls「FutureVuls」がリリースされましたね。
トライアルあれば使ってみたい…
https://vuls.biz/#Page1
0件のコメント