Skip to content

Commit

Permalink
Merge branch 'master' into mergify/bp/master/pr-1498
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored Apr 20, 2021
2 parents bb197ed + 967da28 commit b3b9fcd
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 12 deletions.
11 changes: 9 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

[21.4]: https://github.com/greenbone/gvmd/compare/gvmd-21.04...master

## [21.4] (unreleased)
## [21.4.1] (unreleased)

### Fixed
- Improve VT version handling for CVE & OVAL results [#1496](https://github.com/greenbone/gvmd/pull/1496)

[21.4.0]: https://github.com/greenbone/gvmd/compare/v21.4.0...gvmd-21.04

## [21.4.0] (2021-04-16)

### Added
- Extend GMP for extended severities [#1326](https://github.com/greenbone/gvmd/pull/1326) [#1329](https://github.com/greenbone/gvmd/pull/1329) [#1359](https://github.com/greenbone/gvmd/pull/1359) [#1371](https://github.com/greenbone/gvmd/pull/1371) [#1477](https://github.com/greenbone/gvmd/pull/1477) [#1488](https://github.com/greenbone/gvmd/pull/1488)
Expand Down Expand Up @@ -68,7 +75,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Remove severity type "debug" [#1316](https://github.com/greenbone/gvmd/pull/1316)
- Remove element "threat" of element "notes" [#1324](https://github.com/greenbone/gvmd/pull/1324)

[21.4]: https://github.com/greenbone/gvmd/compare/gvmd-20.08...gvmd-21.04
[21.4.0]: https://github.com/greenbone/gvmd/compare/gvmd-20.08...v21.4.0

## [20.8.2] (unreleased)

Expand Down
34 changes: 24 additions & 10 deletions src/manage_sql.c
Original file line number Diff line number Diff line change
Expand Up @@ -19215,7 +19215,7 @@ make_result (task_t task, const char* host, const char *hostname,
{
result_t result;
gchar *nvt_revision, *severity, *qod, *qod_type;
gchar *quoted_hostname, *quoted_descr, *quoted_path;
gchar *quoted_nvt, *quoted_hostname, *quoted_descr, *quoted_path;
nvt_t nvt_id = 0;

if (nvt && strcmp (nvt, "") && (find_nvt (nvt, &nvt_id) || nvt_id <= 0))
Expand All @@ -19231,17 +19231,28 @@ make_result (task_t task, const char* host, const char *hostname,
return 0;
}

quoted_nvt = NULL;
if (nvt && strcmp (nvt, ""))
{
quoted_nvt = sql_quote (nvt);

qod = g_strdup_printf ("(SELECT qod FROM nvts WHERE id = %llu)",
nvt_id);
qod_type = g_strdup_printf ("(SELECT qod_type FROM nvts WHERE id = %llu)",
nvt_id);

nvt_revision = sql_string ("SELECT iso_time (modification_time)"
" FROM nvts"
" WHERE uuid = '%s';",
nvt);
if (g_str_has_prefix (nvt, "1.3.6.1.4.1.25623."))
nvt_revision = sql_string ("SELECT iso_time (modification_time)"
" FROM nvts WHERE oid='%s'",
quoted_nvt);
else if (g_str_has_prefix (nvt, "oval:"))
nvt_revision = ovaldef_version (nvt);
else if (g_str_has_prefix (nvt, "CVE-"))
nvt_revision = sql_string ("SELECT iso_time (modification_time)"
" FROM scap.cves WHERE uuid='%s'",
quoted_nvt);
else
nvt_revision = strdup ("");
}
else
{
Expand Down Expand Up @@ -19269,9 +19280,10 @@ make_result (task_t task, const char* host, const char *hostname,
" '%s', make_uuid (), %s, %s, '%s',"
" (SELECT id FROM result_nvts WHERE nvt = '%s'));",
task, host ?: "", quoted_hostname, port ?: "",
nvt ?: "", nvt_revision, severity, type,
quoted_descr, qod, qod_type, quoted_path, nvt ? nvt : "");
quoted_nvt ?: "", nvt_revision, severity, type,
quoted_descr, qod, qod_type, quoted_path, quoted_nvt ? quoted_nvt : "");

g_free (quoted_nvt);
g_free (quoted_hostname);
g_free (quoted_descr);
g_free (qod);
Expand Down Expand Up @@ -19305,10 +19317,12 @@ make_cve_result (task_t task, const char* host, const char *nvt, double cvss,
" (owner, date, task, host, port, nvt, nvt_version, severity, type,"
" description, uuid, qod, qod_type, path, result_nvt)"
" VALUES"
" (NULL, m_now (), %llu, '%s', '', '%s', '', '%1.1f',"
" '%s', '%s', make_uuid (), %i, '', '',"
" (NULL, m_now (), %llu, '%s', '', '%s',"
" (SELECT iso_time (modification_time)"
" FROM scap.cves WHERE uuid='%s'),"
" '%1.1f', '%s', '%s', make_uuid (), %i, '', '',"
" (SELECT id FROM result_nvts WHERE nvt = '%s'));",
task, host ?: "", nvt, cvss, severity_to_type (cvss),
task, host ?: "", nvt, nvt, cvss, severity_to_type (cvss),
quoted_descr, QOD_DEFAULT, nvt);

g_free (quoted_descr);
Expand Down

0 comments on commit b3b9fcd

Please sign in to comment.