packages/aops-ceres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

获取存在多个热补丁对CVE有效时,匹配正确应用的热补丁

Browse Source 
(cherry picked from commit 0c2c73e7ae87a4e45b238793f5d950544d123395)
This commit is contained in:
gongzt 2023-06-30 19:17:11 +08:00 committed by openeuler-sync-bot
parent d771039b3d
commit 0015d11f31
2 changed files with 44 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
0005-match-correctly-applied-hotpatchs.patch Normal file
View File

@ -0,0 +1,39 @@
From 6875f8f6dbe2f7b08cf6a447057bfd4514b83537 Mon Sep 17 00:00:00 2001
From: gongzhengtang <gong_zhengtang@163.com>
Date: Fri, 30 Jun 2023 11:09:24 +0000
Subject: [PATCH] Match the correctly applied hot patches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: gongzhengtang <gong_zhengtang@163.com>
---
ceres/manages/vulnerability_manage.py | 13 +++++--------
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
index 8547abe..cfecb60 100644
--- a/ceres/manages/vulnerability_manage.py
+++ b/ceres/manages/vulnerability_manage.py
@@ -429,14 +429,11 @@ class VulnerabilityManage:
if status_code == FAIL or not re.search("base-pkg/hotpatch", hotpatch_list_output):
return None
- for hotpatch_info in [line for line in hotpatch_list_output.split(os.linesep) if line]:
- if not hotpatch_info.startswith("CVE"):
- continue
- _, hot_pkg, _, = [info.strip() for info in hotpatch_info.split()]
- if hot_pkg == "base-pkg/hotpatch":
- continue
- return hot_pkg
- return ""
+ for hotpatch_info in [line for line in hotpatch_list_output.split(os.linesep) if line.startswith("CVE")]:
+ _, hot_pkg, status = hotpatch_info.strip().split()
+ if status == "ACTIVED":
+ return hot_pkg
+ return None
def _syscare_operate(self, operate, patch_name=None):
"""
--
Gitee

6
aops-ceres.spec
View File

@ -1,6 +1,6 @@
Name: aops-ceres
Version: v1.2.1
Release: 5
Release: 6
Summary: An agent which needs to be adopted in client, it managers some plugins, such as gala-gopher(kpi collection), fluentd(log collection) and so on.
License: MulanPSL2
URL: https://gitee.com/openeuler/%{name}
@ -9,6 +9,7 @@ Patch0001: 0001-modify-return-value-when-no-hotpatch-is-matched.patch
Patch0002: 0002-update-cve-fix-and-cve-scan.patch
Patch0003: 0003-fix-issue-cve-fix-result-doesn-t-match-log.patch
Patch0004: 0004-update-hotpatch-info-query-func.patch
Patch0005: 0005-match-correctly-applied-hotpatchs.patch
BuildRequires: python3-setuptools
@ -44,6 +45,9 @@ An agent which needs to be adopted in client, it managers some plugins, such as
%changelog
* Fri Jun 30 2023 gongzhengtang<gong_zhengtang@163.com> - v1.2.1-6
- Match the correctly applied hot patches
* Wed Jun 21 2023 wenxin<shusheng.wen@outlook.com> - v1.2.1-5
- update hostpatch info query func