aboutsummaryrefslogtreecommitdiff
path: root/tests/cve.scm
blob: 3fbb22d3c666675659d284a45129b42da5f9e6e5 (about) (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (test-cve)
  #:use-module (guix cve)
  #:use-module (srfi srfi-1)
  #:use-module (srfi srfi-64))

(define %sample
  (search-path %load-path "tests/cve-sample.xml"))

(define (vulnerability id packages)
  (make-struct (@@ (guix cve) <vulnerability>) 0 id packages))

(define %expected-vulnerabilities
  ;; What we should get when reading %SAMPLE.
  (list
   ;; CVE-2003-0001 has no "/a" in its product list so it is omitted.
   ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number.
   (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1")))
   (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5")
                                    ("jasper" "1.900.1")))
   (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" "2.1.0")))
   ;; CVE-2015-8330 has no software list.
   ))


(test-begin "cve")

(test-equal "xml->vulnerabilities"
  %expected-vulnerabilities
  (call-with-input-file %sample xml->vulnerabilities))

(test-equal "vulnerabilities->lookup-proc"
  (list (list (first %expected-vulnerabilities))
        '()
        '()
        (list (second %expected-vulnerabilities))
        (list (third %expected-vulnerabilities)))
  (let* ((vulns  (call-with-input-file %sample xml->vulnerabilities))
         (lookup (vulnerabilities->lookup-proc vulns)))
    (list (lookup "phpvid")
          (lookup "jasper" "2.0")
          (lookup "foobar")
          (lookup "jasper" "1.900.1")
          (lookup "openoffice.org" "2.3.0"))))

(test-end "cve")
generated by cgit
* gnu/packages/mp3.scm (libmad, id3lib, mp3info)[arguments]: Likewise. * gnu/packages/music.scm (solfege)[arguments]: Likewise. * gnu/packages/noweb.scm (noweb)[arguments]: Likewise. * gnu/packages/patchutils.scm (patchutils, quilt, colordiff)[arguments]: Likewise. * gnu/packages/pdf.scm (xpdf, zathura-cb, zathura-ps, zathura-djvu, zathura-pdf-poppler, zathura, podofo, fbida)[arguments]: Likewise. * gnu/packages/perl.scm (perl-file-list, perl-test-harness)[arguments]: Likewise. * gnu/packages/photo.scm (gphoto2)[arguments]: Likewise. * gnu/packages/popt.scm (popt)[arguments]: Likewise. * gnu/packages/pretty-print.scm (source-highlight, astyle)[arguments]: Likewise. * gnu/packages/pumpio.scm (pumpa)[arguments]: Likewise. * gnu/packages/python.scm (python-passlib, python-pycrypto, python2-empy, python-sqlalchemy, python-docopt)[arguments]: Likewise. * gnu/packages/rdf.scm (lrdf)[arguments]: Likewise. * gnu/packages/regex.scm (tre)[arguments]: Likewise. * gnu/packages/rrdtool.scm (rrdtool)[arguments]: Likewise. * gnu/packages/ruby.scm (ruby-2.1, ruby-1.8)[arguments]: Likewise. * gnu/packages/sawfish.scm (sawfish)[arguments]: Likewise. * gnu/packages/scheme.scm (racket)[arguments]: Likewise. * gnu/packages/sdl.scm (guile-sdl)[arguments]: Likewise. * gnu/packages/serveez.scm (serveez)[arguments]: Likewise. * gnu/packages/skribilo.scm (skribilo)[arguments]: Likewise. * gnu/packages/smalltalk.scm (smalltalk)[arguments]: Likewise. * gnu/packages/suckless.scm (dmenu, slock)[arguments]: Likewise. * gnu/packages/tcl.scm (expect)[arguments]: Likewise. * gnu/packages/telephony.scm (commoncpp)[arguments]: Likewise. * gnu/packages/textutils.scm (recode, libgtextutils)[arguments]: Likewise. * gnu/packages/time.scm (time)[arguments]: Likewise. * gnu/packages/tor.scm (privoxy)[arguments]: Likewise. * gnu/packages/uucp.scm (uucp)[arguments]: Likewise. * gnu/packages/video.scm (libdvdnav-4)[arguments]: Likewise. * gnu/packages/web-browsers.scm (lynx)[arguments]: Likewise. * gnu/packages/web.scm (tinyproxy)[arguments]: Likewise. * gnu/packages/wicd.scm (wicd)[arguments]: Likewise. * gnu/packages/wm.scm (bspwm)[arguments]: Likewise. * gnu/packages/xdisorg.scm (sxhkd, xcape)[arguments]: Likewise. * gnu/packages/xfce.scm (xfconf)[arguments]: Likewise. * gnu/packages/xfig.scm (transfig)[arguments]: Likewise. * gnu/packages/xorg.scm (imake)[arguments]: Likewise. Kei Kebreau copy of nghttp2. [inputs]: Use mbedtls-for-hiawatha instead of vanilla mbedtls-apache. * gnu/packages/tls.scm (mbedtls-for-hiawatha): New public variable. Tobias Geerinckx-Rice 2018-10-04gnu: mbedtls-apache: Update to 2.13.0 [security fixes]....* gnu/packages/tls.scm (mbedtls-apache): Update to 2.13.0. [native-inputs]: Add python. Tobias Geerinckx-Rice 2018-10-01gnu: ghc-tls: Update to 1.4.1....* gnu/packages/tls.scm (ghc-tls): Update to 1.4.1. Timothy Sample 2018-10-01gnu: ghc-mtl: Remove built-in Haskell package....* gnu/packages/agda.scm (agda)[inputs]: Remove ghc-mtl. * gnu/packages/games.scm (raincat)[inputs]: Remove ghc-mtl. * gnu/packages/haskell-check.scm (ghc-tasty-ant-xml, ghc-tasty-golden, ghc-tasty, ghc-tasty-kat, ghc-tasty-rerun, ghc-crypto-cipher-tests)[inputs]: Remove ghc-mtl. * gnu/packages/haskell-crypto.scm (ghc-asn1-encoding, ghc-pem, ghc-x509, ghc-x509-store, ghc-x509-validation, ghc-x509-system)[inputs]: Remove ghc-mtl. * gnu/packages/haskell-web.scm (ghc-http, ghc-http-conduit, ghc-yesod-core)[inputs]: Remove ghc-mtl. * gnu/packages/haskell.scm (ghc-convertible, ghc-libxml, ghc-cgi, ghc-happy, ghc-haskell-src-exts, ghc-resourcet, cabal-install, ghc-indents, ghc-regex-base, ghc-regex-tdfa-rc, ghc-trifecta, ghc-zip-archive, ghc-logict, ghc-exceptions, ghc-smallcheck, ghc-syb, ghc-fgl, ghc-chasingbottoms, ghc-parsec, ghc-megaparsec, ghc-edisonapi, ghc-edisoncore, ghc-mmorph, ghc-ifelse, ghc-kan-extensions, ghc-lens, ghc-cheapskate, ghc-free, ghc-adjunctions, ghc-equivalence, ghc-texmath, ghc-texmath-for-pandoc-1, ghc-highlighting-kate, ghc-th-reify-many, ghc-th-orphans, ghc-geniplate-mirror, ghc-conduit, ghc-filemanip, ghc-juicypixels, ghc-hslua, ghc-hourglass, ghc-skylighting, ghc-skylighting-for-pandoc-1, ghc-pandoc, ghc-pandoc-1, ghc-pandoc-citeproc, ghc-regex-tdfa, ghc-stmonadtrans, ghc-constraints, ghc-lifted-async, ghc-shelly, ghc-hslogger, ghc-json, shellcheck, ghc-vector-algorithms, ghc-monad-par-extras, ghc-monad-par, ghc-monadrandom, ghc-either, ghc-rebase, ghc-aws, ghc-monad-logger, ghc-persistent, ghc-bytes, ghc-missingh, ghc-operational, ghc-chart)[inputs]: Remove ghc-mtl. (ghc-conduit-combinators)[native-inputs]: Remove ghc-mtl. (ghc-mtl): Remove variable. * gnu/packages/idris.scm (idris)[inputs]: Remove ghc-mtl. * gnu/packages/tls.scm (ghc-tls)[inputs]: Remove ghc-mtl. * gnu/packages/version-control.scm (darcs, git-annex)[inputs]: Remove ghc-mtl. * gnu/packages/wm.scm (xmonad, ghc-xmonad-contrib)[inputs]: Remove ghc-mtl. * gnu/packages/xml.scm (ghc-hxt)[inputs]: Remove ghc-mtl. Timothy Sample 2018-09-27gnu: perl-crypt-openssl-rsa: Update to 0.31....* gnu/packages/tls.scm (perl-crypt-openssl-rsa): Update to 0.31. Tobias Geerinckx-Rice 2018-09-20Merge branch 'master' into core-updatesMarius Bakke 2018-09-17gnu: mbedtls-apache: Update to 2.7.6....* gnu/packages/tls.scm (mbedtls-apache): Update to 2.7.6. Leo Famulari 2018-09-14gnu: OpenSSL 1.1: Update to 1.1.1....* gnu/packages/tls.scm (openssl-next): Update to 1.1.1. [arguments]: Patch a `/usr/bin/env` invocation in the 'config' script. Adjust the documentation output. * gnu/packages/patches/openssl-1.1.0-c-rehash-in.patch: Rename and ... * gnu/packages/patches/openssl-1.1-c-rehash-in.patch: ... adjust patch. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. Leo Famulari 2018-09-10Merge branch 'master' into core-updatesMarius Bakke 2018-09-10gnu: OpenSSL: Remove obsolete workaround....* gnu/packages/tls.scm (openssl)[arguments]: Remove workaround that is not needed for GCC version 5.3 and later. Marius Bakke 2018-09-09gnu: certbot: Update to 0.27.1....* gnu/packages/tls.scm (python-acme): Update to 0.27.1. [arguments]: Use invoke. (certbot): Update to 0.27.1. [native-inputs]: Use python-sphinx-1.6. Leo Famulari 2018-09-09gnu: openssl: Update to 1.0.2p....* gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch, gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/tls.scm (openssl): Update to 1.0.2p. [source](patches): Remove obsolete. Marius Bakke 2018-09-03Merge branch 'master' into core-updatesMarius Bakke 2018-08-30gnu: p11-kit: Update to 0.23.14....* gnu/packages/tls.scm (p11-kit): Update to 0.23.14. Marius Bakke 2018-08-25Merge branch 'staging' into core-updatesMarius Bakke