NVSHAS-8842 add support for new amazon linux versions

neuvector · Mar 27, 2024 · 394d26b · 394d26b
1 parent ee23045
commit 394d26b
Showing 1 changed file with 14 additions and 4 deletions.
diff --git a/updater/fetchers/amazon/amazon.go b/updater/fetchers/amazon/amazon.go
@@ -34,7 +34,8 @@ var (
 	ovals []ovalInfo = []ovalInfo{
 		ovalInfo{"amazon/alas.rss.gz", "Amazon Linux", 1},
 		ovalInfo{"amazon/alas2.rss.gz", "Amazon Linux 2", 2},
-		// ovalInfo{"amazon/alas2022.rss.gz", "Amazon Linux 2022"},
+		ovalInfo{"amazon/alas2022.rss.gz", "Amazon Linux 2022", 2022},
+		ovalInfo{"amazon/alas2023.rss.gz", "Amazon Linux 2023", 2023},
 	}
 )
 
@@ -130,6 +131,9 @@ func (u *AmazonFetcher) fetchOvalFeed(o *ovalInfo, net updater.NetInterface) ([]
 	}
 
 	for _, item := range rss.Channel.Items {
+		if strings.Contains(item.Meta, "ALAS-2023-359") {
+			fmt.Println(item)
+		}
 		tokens := strings.Split(item.Meta, " ")
 		if len(tokens) < 3 {
 			log.WithFields(log.Fields{"title": item.Meta}).Error("Failed to parse rss item title")
@@ -141,7 +145,7 @@ func (u *AmazonFetcher) fetchOvalFeed(o *ovalInfo, net updater.NetInterface) ([]
 			Link: item.Link,
 		}
 
-		switch tokens[1] {
+		switch strings.ToLower(tokens[1]) {
 		case "(critical):":
 			vuln.FeedRating = "Critical"
 			vuln.Severity = common.Critical
@@ -157,9 +161,15 @@ func (u *AmazonFetcher) fetchOvalFeed(o *ovalInfo, net updater.NetInterface) ([]
 
 		cves := strings.Split(item.CVEs, " ")
 		vuln.CVEs = make([]common.CVE, len(cves))
-		for i, cve := range cves {
-			vuln.CVEs[i].Name = strings.TrimRight(cve, ",")
+		count := 0
+		for _, cve := range cves {
+			name := strings.TrimRight(cve, ",\n ")
+			if name != "" {
+				vuln.CVEs[count].Name = name
+				count++
+			}
 		}
+		vuln.CVEs = vuln.CVEs[:count]
 
 		vuln.IssuedDate, _ = time.Parse(time.RFC1123, item.Issued)
 		vuln.LastModDate, _ = time.Parse(time.RFC1123, item.LastMod)