Sisyphus repository
Last update: 20 october 2020 | SRPMs: 17712 | Visits: 19441965

Group :: Other
RPM: cve-manager


12 october 2020 Alexey Appolonov <alexey at> 0.39.0-alt1

  • Improved URL-matching;
  • Corrected partial matching of short package/product names.

7 october 2020 Alexey Appolonov <alexey at> 0.38.1-alt1

  • Corrected procedure of making a mapping choice.

6 october 2020 Alexey Appolonov <alexey at> 0.38.0-alt1

  • Improved URL-matching;
  • Minimally acceptable score of a matching is lowered;
  • Ability to detect newly established/found matches of package names that
     previously have not been matched to product names and to detect newly
     denied/lost name matches;
  • Display of a number of excluded NVD entries and a number of excluded CPEs
     during an import process.

22 september 2020 Alexey Appolonov <alexey at> 0.37.0-alt1

  • Re-evaluated ranking of types of matching;
  • Ability to make multiple attempts to perform each step of the DB formation
     without errors.

22 september 2020 Alexey Appolonov <alexey at> 0.36.8-alt1

  • Fixed error handling in cve-import module;
  • Optimized storage of timelines of packages.

17 september 2020 Alexey Appolonov <alexey at> 0.36.7-alt1

  • Corrected behavior of the modules when running them with no arguments;
  • Build with a new version of the 'ax' library that adds more sense into
     comparison of versions.

15 september 2020 Alexey Appolonov <alexey at> 0.36.6-alt1

  • Determinism of a mapping choice in any corner-case situation;
  • Optimized usage of memory during import of timelines;
  • Minor tweaks and fixes.

9 september 2020 Alexey Appolonov <alexey at> 0.36.5-alt1

  • Better way of normalization of scores of the 'fixes' type of matching.

2 september 2020 Alexey Appolonov <alexey at> 0.36.4-alt1

  • Handling of a situation when a branch that is being processed with the
     cve-history module has no *_src or *_issues tables;
  • Comparisons of symbolic versions versus numeric versions are filtered out
     during a detection of issues.

28 august 2020 Alexey Appolonov <alexey at> 0.36.3-alt1

  • Fixed issue of incorrect data splitting while using multiple cores
     during a mapping;
  • Handling of excluded mapping pairs that contain product names
     that contain commas;
  • Length of the 'MAPPED NAME' column of the reports is restricted.

20 august 2020 Alexey Appolonov <alexey at> 0.36.2-alt1

  • Fixed features used for testing of cpe-map* modules;
  • Resolved rivalry between 'url' and 'complete' types of matching.

13 august 2020 Alexey Appolonov <alexey at> 0.36.1-alt1

  • Optimized memory usage when importing data.

30 july 2020 Alexey Appolonov <alexey at> 0.36.0-alt1

  • New type of matching of package names to names of vulnerable products that
     uses URL-addresses from metadata of source packages and URL-addresses from
     CPE dictionary.

28 july 2020 Alexey Appolonov <alexey at> 0.35.0-alt1

  • Simpler, more reliable algorithm of making a mapping choice (for mapping
     package names to CPE/FSTEC product names).

22 july 2020 Alexey Appolonov <alexey at> 0.34.1-alt1

  • Fixed filtering of excluded issues;
  • Corrected counter of related packages;
  • Right way of handling some of the possible errors;
  • Procedures that ensure that required configuration params are present;
  • Ability to call for a list of modules without passing other params;
  • Requirement of libcontrol++ 0.24.1 update that is really important;
  • Complemented manual.

16 july 2020 Alexey Appolonov <alexey at> 0.34.0-alt1

  • New input data convention - a bin list (and its simplified ver) is sufficient
     for representing an investigated repository, src list is no longer supported;
  • Correlations of build timelines of packages and mention dates of vulnerable
     products are taken into account when making a mapping choice;
  • New model of parallel processing + elimination of verbose logging for
     cve-fixes, cpe-map and cve-issues that together result in improved
     performance and much lighter and clearer log;
  • cve-manager's dialog mode is deprecated (a user can learn about existing
     modules with a use of the 'cve-manager --list_modules' command before running
     the whole process or just its particular parts through the main module).

20 april 2020 Alexey Appolonov <alexey at> 0.33.1-alt1

  • Sensibility to unconverted names during a process of complete name matching;
  • Corrected supplementary function of custom-name mapping;
  • Build with enhanced 'ax' module.

18 april 2020 Alexey Appolonov <alexey at> 0.33.0-alt1

  • Ability to keep track of a history of a map of package names;
  • ACLs of packages can be fetched via cve-download;
  • Packages that have names with related prefixes, or that differ only in letter
     case, or with different delimiters in them can all be determined as relatives;
  • Reports are made more compact.

13 april 2020 Alexey Appolonov <alexey at> 0.32.2-alt1

  • Corrected formation of fix records;
  • Fixed and adjusted procedure of partial matching;
  • Packages with 'python3-module' prefix can be mapped to vulnerable products on
     the same terms as packages with 'python-module' or any other special prefix.

8 april 2020 Alexey Appolonov <alexey at> 0.32.1-alt1

  • Corrected functionality of comparison of branches.

1 april 2020 Alexey Appolonov <alexey at> 0.32.0-alt2

  • Corrected version of the required package.

31 march 2020 Alexey Appolonov <alexey at> 0.32.0-alt1

  • Handling of ACLs of the packages;
  • Improved compactness of the reports;
  • Optimized DB storage.

19 february 2020 Alexey Appolonov <alexey at> 0.31.1-alt1

  • Handling of special symbols used in some CPEs.

16 february 2020 Alexey Appolonov <alexey at> 0.31.0-alt1

  • Import of records of debuginfo bin packages not performed;
  • Ability to exclude some of the CPEs (by placing "<vendor>, <product>" lines
     in "cpe-excluded.csv" file).

9 february 2020 Alexey Appolonov <alexey at> 0.30.0-alt1

  • Import of CPE of other than 'application' part not performed except for
     CPE of 'linux' vendor of 'operating system' part;
  • Import of CPE with unknown version not performed if there is CPE with
     specified version and with the same product name for that CVE record;
  • Enhanced mapping algorithm.

29 january 2020 Alexey Appolonov <alexey at> 0.29.5-alt1

  • Fixed 'fixes' matching;
  • Fixed monitoring of diff between branches.

25 january 2020 Alexey Appolonov <alexey at> 0.29.4-alt1

  • cve-monitor reports take less memory space (by means of not including
     useless space symbols).

23 january 2020 Alexey Appolonov <alexey at> 0.29.3-alt1

  • Custom order of records of history/news reports is possible.

12 january 2020 Alexey Appolonov <alexey at> 0.29.2-alt1

  • Fix of monitoring of new unfixed issues.

6 january 2020 Alexey Appolonov <alexey at> 0.29.1-alt1

  • Fix of bug that was causing abortion of 'cve-issues' module.

3 january 2020 Alexey Appolonov <alexey at> 0.29.0-alt1

  • Enhanced data processing that makes for much more accurate conclusions
     about the range of vulnerable versions;
  • Improved readability of the reports.

24 december 2019 Alexey Appolonov <alexey at> 0.28.0-alt1

  • Ability to monitor dynamics of the issues;
  • Corrected processing of '*' versions;
  • Displaying intervals of vulnerable versions in reports;
  • Fixed functionality of customisation of ordering of report entries;
  • Corrected extraction of non-patch references.

7 december 2019 Alexey Appolonov <alexey at> 0.27.0-alt1

  • Storage space and computing resource economy by means of optimised
     representation of vulnerable software.

6 december 2019 Alexey Appolonov <alexey at> 0.26.0-alt1

  • CVSS v2 scores take their place along with v3 scores.

4 december 2019 Alexey Appolonov <alexey at> 0.25.0-alt1

  • Ability to manually discard incorrect matches.

4 december 2019 Alexey Appolonov <alexey at> 0.24.2-alt1

  • Corrected CPE parser that runs at the issues-detection stage.

2 december 2019 Alexey Appolonov <alexey at> 0.24.1-alt1

  • Protection from quotation marks that can be found in CVE summary and
     that mess up the CSV import;
  • Corrected parser (according to CPE ver 2.3 format);
  • Bugfixes.

24 november 2019 Alexey Appolonov <alexey at> 0.24.0-alt1

  • Downloading and importing NVD vulnerabilities lists in JSON format
     with the use of newly created 'libtree';
  • Ability to manually exclude some of the issues and make mapping prescriptions
     with the use of newly created 'cve-manager-inner-knowledge'.

27 september 2019 Alexey Appolonov <alexey at> 0.23.2-alt1

  • Optimized XML-import.

21 september 2019 Alexey Appolonov <alexey at> 0.23.1-alt1

  • cve-monitor bugfixes.

18 september 2019 Alexey Appolonov <alexey at> 0.23.0-alt1

  • Patch references can be added to cve-monitor reports for unfixed
  • More than a half of DB storage is saved by storing the issues only for the
     most generic versions;
  • New view on 'fix' conclusions - there is 'unclear' fix status (for
     vulnerabilities with no stated vulnerable versions, for example).

23 may 2019 Alexey Appolonov <alexey at> 0.22.1-alt1

  • Fix of a couple of flaws of the mapping process.

19 may 2019 Alexey Appolonov <alexey at> 0.22.0-alt1

  • Multithreading is arranged in a more optimal way;
  • 'Complete' matching is not performed for packages that got one of the
     special prefixes ('python-module', 'perl', ...);
  • Enhanced algorithm of the 'partial' matching;
  • Package names that differ only by numerical part at the end
     (so called 'relatives') are handled more wisely during mapping;
  • Issues that differ only in additional part of CPE are ignored;
  • cve-monitor is using only senior branches (that must be specified
     in the conf) in 'cure' suggestions, 'cure' suggestions are optional;
  • cve-monitor is placing too long lists of vulnerable versions in footnotes
     of the reports.

17 april 2019 Alexey Appolonov <alexey at> 0.21.0-alt1

  • Compatibility with MySQL 8.*;
  • Modified mapping process - src/bin lists of all the branches are combined
     as src_united/bin_united and then processed in that combined form;
  • Much more intelligent approach to parallel execution of the modules,
     especially two most time consuming modules - cpe-map and cve-issues;
  • Improved feedback in multiprocessing mode;
  • 'CURE' suggestions in cve-monitor's reports.

18 march 2019 Alexey Appolonov <alexey at> 0.20.0-alt1

  • Use of all existing names from vulnerabilities lists instead of names
     from CPE dict for mapping;
  • Completely redesigned mapping module: every type of mapping can be triggered
     individually, results for every type of mapping are stored in the DB,
     special algorithm is used for making the final mapping choice - all this
     allows creating a separate thread for each type of matching in auto mode;
  • Ability to detect and go round format faults of the packages lists;
  • Consideration of excluded data sources by cve-download and cve-monitor;
  • Fully implemented restoring functionality of cve-backup;
  • Ability to set the number of stored backup files;
  • Fixed params handling of cve-monitor;
  • Output functionality is adapted for situation when modules are triggered
     by cron.

10 december 2018 Alexey Appolonov <alexey at> 0.19.0-alt1

  • Ability to run in multiprocessing mode;
  • Ability to exclude data sources;
  • Modified user interface of the cve-monitor;
  • Showing CVSS score in cve-monitor reports;
  • Ability to order monitoring results in various ways;
  • Ability to group packages with unfixed vulnerabilities in cve-monitor reports;
  • All printing operations carried by Printer class, which not only makes life
     easier but brings cool features like buffering the input for later mailout;
  • Ability to run in 'silent' mode;
  • Ability to send emails with cve-monitor reports.

28 october 2018 Alexey Appolonov <alexey at> 0.18.1-alt2

  • Rebuilding with new libcontrol++.

17 october 2018 Alexey Appolonov <alexey at> 0.18.1-alt1

  • Correction of branch names validation.

15 october 2018 Alexey Appolonov <alexey at> 0.18.0-alt1

  • Names of available branches are section names of the conf;
  • Each branch now has a set of params;
  • Renaming 'paths' section of the conf to 'common';
  • Skipping repetition of branch sections in conf;
  • There is no cve-import's "--space" param anymore;
  • Russian manual.

30 september 2018 Alexey Appolonov <alexey at> 0.17.1-alt1

  • Running downloader without 'noreplace' flag in auto mode;
  • Fix of the 'cve-monitor --map' command;
  • Printing with TPrinter of the libcontrol++.

10 september 2018 Alexey Appolonov <alexey at> 0.17.0-alt1

  • Prescribed mapping;
  • Detecting 'relative' packages at the import stage
     and using information about them as mapping attribute;
  • Handling FSTEC vulnerabilities within current cve-issues concept;
  • cve-monitor is working OK within current cve-issues concept;
  • Revised comparison of versions that happens at the issues-detection stage;
  • Revised packages-filtering function;
  • Removing duplicates of src packages names at import stage
     and corresponding bin-packages names, not vice versa;
  • Not importing CPEs of 'hardware' part;
  • Not importing Mitre list by default;
  • Common bin package for conf file & common py module;
  • Own config file for cve-monitor.

2 september 2018 Alexey Appolonov <alexey at> 0.16.0-alt1

  • Versions of vulnerable programs are now taken into account when figuring out
     the 'fix' entries of *_issues table;
  • Ability to compare 'fix' entries of different branches;
  • c7.1 and c8.1 branches are available for cve-manager;
  • Fix of monitoring of the selected packages;
  • Only members of the 'cve' group can run modules that modify
     the vulnerabilities DB.

27 july 2018 Alexey Appolonov <alexey at> 0.15.0-alt1

  • Proper output when running with 'tee' in auto mode;
  • Correction in mapping algorithm, including 1) check if there are some
     CPE/FSTEC names left to map, 2) additional break condition of the mapping
     loop, so there could be no infinite loop, 3) fix of the wrong behavior
     emerging for names that differ only by number at the end, 4) avoidance of
     complete match for the duplicates, 5) fix of the RemoveMapDups function;
  • Ability to disable bin partial match;
  • Filtering the package lists with distro list;
  • Fix of the import of the last NVD CVE list;
  • Working realisation of the 'packs' option of the cve-import;
  • No more verbose output option in cve-import;
  • cve-import's UI now looks more like UI of the py-modules;
  • Introducing refs and const modifier wherever possible for the cve-import.

25 june 2018 Alexey Appolonov <alexey at> 0.14.0-alt1

  • Aligning columns for the output of existing issues;
  • Ability to omit the download of the old lists;
  • Fixing the 'Fixes' entries matching in cve-issues.

21 june 2018 Alexey Appolonov <alexey at> 0.13.2-alt1

  • Handling the situation when the DB does not exist (by all modules).

20 june 2018 Alexey Appolonov <alexey at> 0.13.1-alt1

  • Ability to choose mapping type (FSTEC or CPE by now);
  • Reducing bin packages dict before mapping if '--packages' option is used
     (similar to src list reduction).

19 june 2018 Alexey Appolonov <alexey at> 0.12.2-alt1

  • Correction of the cve-fixes module;
  • Checking DB-users grp existence before creating it at the postinstall stage.

9 june 2018 Alexey Appolonov <alexey at> 0.12.1-alt1

  • Fix of the 'plain' output mode.

7 june 2018 Alexey Appolonov <alexey at> 0.12.0-alt1

  • Ability to state beginning and ending steps for auto mode;
  • Ability to state custom '/space' path;
  • Ability to retrieve 'Fixes' entries for the given packages names;
  • NVD CVE lists import fix;
  • cpe-map infinite loop fix that was possible with some input data;
  • Improved logic for the cve-monitor's user interface.

1 june 2018 Alexey Appolonov <alexey at> 0.11.1-alt1

  • Correction of params for cve-issues in auto mode.

31 may 2018 Alexey Appolonov <alexey at> 0.11.0-alt1

  • Ability to set starting step for auto mode in main module;
  • Usage examples for cve-download;
  • Arguments handling fix in cve-issues;
  • Only root can modify cve-manager.conf.

28 may 2018 Alexey Appolonov <alexey at> 0.10.0-alt1

  • New module cve-backup;
  • Ability to prepare database in auto mode.

21 may 2018 Alexey Appolonov <alexey at> 0.9.0-alt1

  • Full integration of the FSTEC vulnerabilities list;
  • Bin packages matching fix;
  • Ability to use custom mapping application;
  • Memory leakage fix.

4 may 2018 Alexey Appolonov <alexey at> 0.8.0-alt1

  • New module
  • "Fixes" entries now stored in *_src tables;
  • Importing bin lists;
  • Enhanced mapping algorithm;
  • Unescaping URL codes from CPE in cve-import;
  • More flexibility in cve-import tables recreation;
  • Ability to disable entireline output in cve-import;
  • Catching run modes with;
  • Using argparse in majority of modules;
  • cve-fixes new features;
  • Monitoring CVE issues table and monitoring CVE descriptions for the packages;
  • Single path for CVE lists and CPE dict import that specified
     in configuration file.

16 march 2018 Alexey Appolonov <alexey at> 0.7.0-alt1

  • Improved output format;
  • CPE dict names import with sections separation;
  • Fixed and improved mapping algorithm;
  • Fixes-extraction parts completely removed from cve-import;
  • Working version of cve-linker module under new name "";
  • New cve-monitor functionality;
  • Various fixes and improvements in py-modules.

5 march 2018 Alexey Appolonov <alexey at> 0.6.0-alt1

  • New features and improvements;
  • New module;
  • New module;
  • Fixes tables structure changed;
  • Error handling correction when applying configuration for cve-import module.

1 march 2018 Alexey Appolonov <alexey at> 0.5.0-alt1

  • Taking CPE name from "name" attribute of the "cpe-item" tag,
     not from "cpe-23:cpe23-item" tag;
  • CPE dictionary can be imported directly, without creating CSV file,
     just like NVD XML can be;
  • New functionality;
  • Sending cpe-packages map to the database;
  • Monitoring mapped packages.

26 february 2018 Alexey Appolonov <alexey at> 0.4.0-alt1

  • CPE dictionary import;
  • New module with common functions and classes
     used by other cve-manager py-modules;
  • cve-monitor rewritten with the use of;
  • CPE mapper ( first draft;
  • Changes in debug mode.

19 february 2018 Alexey Appolonov <alexey at> 0.3.0-alt1

  • New version of main module written in Python;
  • New module "cve-monitor";
  • Minor fixes.

15 february 2018 Alexey Appolonov <alexey at> 0.2.1-alt1

  • common* and conf* files were removed from the project because
     they are included in dynamically linked libcontrol++.

14 february 2018 Alexey Appolonov <alexey at> 0.2.0-alt1

  • What was previously known as "cve-manager" now became
     "cve-import" module of the cve-manager toolkit
     with "cve-manager" script as top level module.

13 february 2018 Alexey Appolonov <alexey at> 0.1.2-alt1

  • Fixing usage of branches flags from configuration file;
  • Changes in display output for the operations status.

31 january 2018 Alexey Appolonov <alexey at> 0.1.1-alt1

  • Chmod of configuration file (only system administrator
     should know MySQL DB password);
  • MySQL authentication bug fixed;
  • Handling the situation when packages lists can not be found;
  • Removing formed CSV file with NVD CVE list right after import to DB.

29 january 2018 Alexey Appolonov <alexey at> 0.1.0-alt1

  • Initial release.
design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin