Package cve-check-tool: Specfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 | %define _unpackaged_files_terminate_build 1 %define _stripped_files_terminate_build 1 %set_verify_elf_method strict Name: cve-check-tool Version: 5.6.4 Release: alt23 Summary: Command line tool for checking known (public) CVEs Group: Other License: GPLv2 Url: https://github.com/ikeydoherty/cve-check-tool Source: %name-%version.tar BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: libcurl-devel libssl-devel BuildRequires: libclickhouse-cpp-devel >= 2.4.0 BuildRequires: boost-complete # tests BuildRequires: ctest libgtest-devel %description The tool will identify potentially vulnerable software packages within Linux distributions through version matching. Where possible it will also seek to determine (through a distribution implemention) if a vulnerability has been addressed by way of a patch. %prep %setup %build %add_optflags -D_FILE_OFFSET_BITS=64 -I/usr/include/clickhouse-cpp %cmake %cmake_build %install %cmakeinstall_std %check pushd %_cmake__builddir ctest -V popd %files %doc data/* %_bindir/* %changelog * Sun Jul 02 2023 Pavel Vainerman <pv@altlinux.ru> 5.6.4-alt23 - fixed build with libclickhouse-cpp-2.4.0-alt2 * Sat Apr 29 2023 Pavel Vainerman <pv@altlinux.ru> 5.6.4-alt22 - rebuild with libclickhouse-cpp-2.4.0 * Tue Feb 01 2022 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt21.git.cbc2d0e - Allow to process only specific packages or task. * Tue Dec 14 2021 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt20.git.cbc2d0e - Split cve-check-tool into 4 separate tools: + cve-check-dictionary-update collects information about known CPEs. + cve-check-dictionary-matcher tries matching packages to known CPEs. + cve-check-update updates information about known CVEs. + cve-check-tool updates information about matching, closed, discarded and other CVEs for all packages. * Wed Dec 01 2021 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt19.git.cbc2d0e - Split Cve table into Vulnerabilities and VulnerabilitiesStatus tables. - Implemented keeping history of table updates via timestamps and 'actual'/'removed' statuses where necessary. * Mon Nov 15 2021 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt18.git.cbc2d0e - Implemented processing only new CVE entries instead of reuploading whole table. - Implemented committing data limit with new command-line option. * Wed Nov 10 2021 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt17.git.cbc2d0e - Refactored project. - Implemented tests. * Thu Aug 12 2021 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt16.git.cbc2d0e - Implemented specifying reason for marking CVE fixed. * Mon Aug 02 2021 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt15.git.cbc2d0e - Adapted to new clickhouse database structure. * Tue Oct 06 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt14.git.cbc2d0e - Added recording of discarded CVEs via new option. * Fri Oct 02 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt13.git.cbc2d0e - Updated version and release processing. * Fri Sep 25 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt12.git.cbc2d0e - Updated CVE URL. * Fri Sep 25 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt11.git.cbc2d0e - Updated supported architectures. * Tue Sep 22 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt10.git.cbc2d0e - Switched to NVD JSON 1.1 Schema. - Increased logging in verbose mode for NVD data downloading. - Added option to use separate clickhouse configs. - Added example clickhouse configs. * Mon Jun 29 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt9.git.cbc2d0e - Updated supported architectures. * Fri Oct 18 2019 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt8.git.cbc2d0e - Improved clickhouse exception messages. * Tue Sep 24 2019 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt7.git.cbc2d0e - Implemented parsing 'configurations' object instead of 'affected' object from NVD JSON data. - Added verbose and offline modes. * Tue Sep 10 2019 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt6.git.cbc2d0e - Added support for obtaining information about closed CVEs from clickhouse backend. - Switched to using murmur hash internally instead of sha1. - Added processing of binary packages. * Fri Aug 30 2019 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt5.git.cbc2d0e - Switched to truncating and refilling absent products table instead of checking for duplicates. * Tue Aug 20 2019 Aleksei Nikiforov <darktemplar@altlinux.org> 5.6.4-alt4.git.cbc2d0e - Implemented clickhouse input and output plugins. - Fixed options parsing. - Allowed processing multiple packages with same name. - Implemented option to output information about CVE in packages not in repository. * Tue Jul 30 2019 Slava Aseev <ptrnine@altlinux.org> 5.6.4-alt3.git.cbc2d0e - Migrate to NVD JSON Feed 1.0 (XML Feeds go away in October 9th of 2019) - Common improvements: + Replace GLib 'g_str_hash' by 't1ha' hash function because the first one has too many collisions for CVE dataset (mainly due to small hash length) + Add optional runtime hash collision check (-H option) + Add executable for hash collision checking + Add optional feature for dropping '-dev' 'lib' and abi suffixes and prefixes from package names (-F option) - Rpm plugin improvements: + Add scan of changelog section for finding already fixed CVEs + Fix mistake with patch numeration + Fix evaluation of rpm macroses * Wed Aug 29 2018 Grigory Ustinov <grenka@altlinux.org> 5.6.4-alt2.git.cbc2d0e.1 - NMU: Rebuild with new openssl 1.1.0. * Mon Apr 10 2018 Alexandr Antonov <aas@altlinux.org> 5.6.4-alt2.git.cbc2d0e - Fixed field line breaks in a readable form (Closes: 33940) * Wed Jun 14 2017 Sergey Novikov <sotor@altlinux.org> 5.6.4-alt1.git.cbc2d0e - Add upstream commits to fix update error - 5.6.4 Initial build for ALT |