Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Operating system / publisher / software and CVE #1625

Open
Gruikgruik opened this issue Sep 9, 2024 · 7 comments
Open

Operating system / publisher / software and CVE #1625

Gruikgruik opened this issue Sep 9, 2024 · 7 comments
Assignees
@gillesdubois @damienbelliard @RudyLaurent @charleneauger
Labels
bug need approval

Comments

@Gruikgruik
Copy link

Hello everyone

OCS Inventory version

ocsinventory: 2.12.2
ocsagent: 2.10.2
cve-search 5.1.0
mariadb 10.5
php:8.2
apache: 2.4

Describe the bug

I just set up cve-serach and ocsinventory, everything works well overall.

On the other hand, at the level of the agent reports on machines in centos or rocky linux, the publisher for the perl software (for example) is identified in Centos and Rocky Enterprise Software Foundation. while on ubuntu and debian it is identified as http://dev\.perl\.org/perl5.

Which means that at the CVE level in the software view of the machines, the CVEs do not appear for centos and rocky linux.

I looked at the regex engine, but nothing changes, it does not want to display them or make the link. I may be using it wrong too.

Do you have an idea, a lead ?

Screenshots

exemple for softwares on server centos / rocky Linux

2024-08-30_13h08_04 (1)

exemple for softwares on server ubuntu / debian

2024-08-30_13h08_05 (1)

exemple rapport CVE

2024-08-30_13h27_55 (1)
@Gruikgruik
Copy link
Author

Hi,

Has anyone encountered this situation before ?

@Gruikgruik
Copy link
Author

Hello everyone,

I'm reviving the subject to find out if anyone has already encountered this situation, or to give me a clue.

Bonjour à tous,

Je relance le sujet pour savoir si quelqu'un a déjà rencontré cette situation, ou me donner une piste.

@Lea9250
Copy link
Contributor

Lea9250 commented Oct 21, 2024

Hi @Gruikgruik

Could you share how you configured your regex? It would be helpful to take a look at it.
Additionally, you can enable the debug mode (General configuration > CVE-search management) and check the output of the CVE script. If needed the script can also be run with a debug option to generate more detailed logs.

Best regards,
Léa

@Gruikgruik
Copy link
Author

Hi @Lea9250

Thanks for your help. attached the regex configuration

2024-10-28_11h25_54

I looked in the configuration for debug mode, is that the one ?

2024-10-28_11h32_44

Best regards,

Gruik

@Gruikgruik
Copy link
Author

Hi @Lea9250

This does it for all applications on centos and Rocky linux systems

@Gruikgruik
Copy link
Author

Hi,

Indeed, in the history of CVEs only applications for systems based on Ubuntu or Debian go back

@Gruikgruik
Copy link
Author

Hi and happy new year,

Does anyone have any idea where ocsinventory only lists software related to the debian and ubuntu version?

Because in the CVE History tab at the editor level the names correspond to the ubuntu and debian versions, and not those of rocky linux or centos

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gillesdubois gillesdubois

@damienbelliard damienbelliard

@RudyLaurent RudyLaurent

@charleneauger charleneauger

Labels
bug need approval
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@gillesdubois @damienbelliard @Gruikgruik @RudyLaurent @charleneauger @Lea9250