diff --git a/cve_bin_tool/checkers/__init__.py b/cve_bin_tool/checkers/__init__.py index add502b310..ce282aab9f 100644 --- a/cve_bin_tool/checkers/__init__.py +++ b/cve_bin_tool/checkers/__init__.py @@ -267,6 +267,7 @@ "ntfs_3g", "ntp", "ntpsec", + "oath_toolkit", "open_iscsi", "open_vm_tools", "openafs", diff --git a/cve_bin_tool/checkers/oath_toolkit.py b/cve_bin_tool/checkers/oath_toolkit.py new file mode 100644 index 0000000000..dbead04038 --- /dev/null +++ b/cve_bin_tool/checkers/oath_toolkit.py @@ -0,0 +1,20 @@ +# Copyright (C) 2024 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + + +""" +CVE checker for oath_toolkit + +https://www.cvedetails.com/product/27196/Nongnu-Oath-Toolkit.html?vendor_id=6788 + +""" +from __future__ import annotations + +from cve_bin_tool.checkers import Checker + + +class OathToolkitChecker(Checker): + CONTAINS_PATTERNS: list[str] = [] + FILENAME_PATTERNS: list[str] = [] + VERSION_PATTERNS = [r"([0-9]+\.[0-9]+\.[0-9]+)[0-9A-Za-z/%\-\*\.\:\t\r\n]*Liboath"] + VENDOR_PRODUCT = [("nongnu", "oath_toolkit")] diff --git a/test/condensed-downloads/liboath-2.6.12-1.fc42.aarch64.rpm.tar.gz b/test/condensed-downloads/liboath-2.6.12-1.fc42.aarch64.rpm.tar.gz new file mode 100644 index 0000000000..7d19969335 Binary files /dev/null and b/test/condensed-downloads/liboath-2.6.12-1.fc42.aarch64.rpm.tar.gz differ diff --git a/test/condensed-downloads/liboath0_2.6.1-1.3_amd64.deb.tar.gz b/test/condensed-downloads/liboath0_2.6.1-1.3_amd64.deb.tar.gz new file mode 100644 index 0000000000..8a8483a8e5 Binary files /dev/null and b/test/condensed-downloads/liboath0_2.6.1-1.3_amd64.deb.tar.gz differ diff --git a/test/condensed-downloads/liboath0_2.6.7-3.1_s390x.deb.tar.gz b/test/condensed-downloads/liboath0_2.6.7-3.1_s390x.deb.tar.gz new file mode 100644 index 0000000000..11a0ce2b20 Binary files /dev/null and b/test/condensed-downloads/liboath0_2.6.7-3.1_s390x.deb.tar.gz differ diff --git a/test/condensed-downloads/oath-toolkit_2.6.2-5_x86_64.ipk.tar.gz b/test/condensed-downloads/oath-toolkit_2.6.2-5_x86_64.ipk.tar.gz new file mode 100644 index 0000000000..2f75e86028 Binary files /dev/null and b/test/condensed-downloads/oath-toolkit_2.6.2-5_x86_64.ipk.tar.gz differ diff --git a/test/test_data/oath_toolkit.py b/test/test_data/oath_toolkit.py new file mode 100644 index 0000000000..ddd27c16fe --- /dev/null +++ b/test/test_data/oath_toolkit.py @@ -0,0 +1,36 @@ +# Copyright (C) 2024 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + +mapping_test_data = [ + { + "product": "oath_toolkit", + "version": "2.6.1", + "version_strings": ["2.6.1\nLiboath"], + } +] +package_test_data = [ + { + "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/l/", + "package_name": "liboath-2.6.12-1.fc42.aarch64.rpm", + "product": "oath_toolkit", + "version": "2.6.12", + }, + { + "url": "http://ftp.debian.org/debian/pool/main/o/oath-toolkit/", + "package_name": "liboath0_2.6.1-1.3_amd64.deb", + "product": "oath_toolkit", + "version": "2.6.1", + }, + { + "url": "http://ftp.debian.org/debian/pool/main/o/oath-toolkit/", + "package_name": "liboath0_2.6.7-3.1_s390x.deb", + "product": "oath_toolkit", + "version": "2.6.7", + }, + { + "url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/packages/", + "package_name": "oath-toolkit_2.6.2-5_x86_64.ipk", + "product": "oath_toolkit", + "version": "2.6.2", + }, +]