diff --git a/0005-fix-the-severity-field-filtering-error.patch b/0005-fix-the-severity-field-filtering-error.patch new file mode 100644 index 0000000000000000000000000000000000000000..0f55ce5217cbd997e8724625b316bc5c7da4d313 --- /dev/null +++ b/0005-fix-the-severity-field-filtering-error.patch @@ -0,0 +1,56 @@ +From 93b6f17d081227f619cc22fb5ba6918937c8dd2e Mon Sep 17 00:00:00 2001 +From: rabbitali +Date: Mon, 23 Oct 2023 11:16:47 +0800 +Subject: [PATCH 1/1] fix the severity field filtering error + +--- + apollo/conf/constant.py | 4 ++-- + apollo/database/proxy/cve.py | 2 +- + apollo/handler/cve_handler/manager/parse_unaffected.py | 2 +- + 3 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/apollo/conf/constant.py b/apollo/conf/constant.py +index e2d91a6..878e86f 100644 +--- a/apollo/conf/constant.py ++++ b/apollo/conf/constant.py +@@ -74,11 +74,11 @@ class CveSeverity: + HIGH = "High" + MEDIUM = "Medium" + LOW = "Low" +- NONE = "None" ++ UNKNOWN = "Unknown" + + @staticmethod + def attribute(): +- return [CveSeverity.CRITICAL, CveSeverity.HIGH, CveSeverity.MEDIUM, CveSeverity.LOW, CveSeverity.NONE] ++ return [CveSeverity.CRITICAL, CveSeverity.HIGH, CveSeverity.MEDIUM, CveSeverity.LOW, CveSeverity.UNKNOWN] + + + class TaskType: +diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py +index 2b82cf6..f83784a 100644 +--- a/apollo/database/proxy/cve.py ++++ b/apollo/database/proxy/cve.py +@@ -670,7 +670,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy): + + # sort by host num by default + sort_page["order_by_filed"] = data.get('sort', "host_num") +- sort_page["order_by"] = "dsc" if data.get("direction") == "dsc" else "asc" ++ sort_page["order_by"] = data.get("direction", "asc") + return sort_page + + def _query_cve_list(self, data): +diff --git a/apollo/handler/cve_handler/manager/parse_unaffected.py b/apollo/handler/cve_handler/manager/parse_unaffected.py +index b680123..e9eed57 100644 +--- a/apollo/handler/cve_handler/manager/parse_unaffected.py ++++ b/apollo/handler/cve_handler/manager/parse_unaffected.py +@@ -137,5 +137,5 @@ def parse_cve_severity(cve_score: str) -> str: + elif cvss_score > CvssScore.NONE: + severity = CveSeverity.LOW + else: +- severity = CveSeverity.NONE ++ severity = CveSeverity.UNKNOWN + return severity +-- +2.33.0 + diff --git a/aops-apollo.spec b/aops-apollo.spec index 8f21bcf32481343cff9971953aeb8e3048f196f2..816787b667f1cbf105ffa3af7138fa4f012b827f 100644 --- a/aops-apollo.spec +++ b/aops-apollo.spec @@ -1,6 +1,6 @@ Name: aops-apollo Version: v1.3.4 -Release: 5 +Release: 6 Summary: Cve management service, monitor machine vulnerabilities and provide fix functions. License: MulanPSL2 URL: https://gitee.com/openeuler/%{name} @@ -9,6 +9,7 @@ Patch0001: 0001-fix-param-error-and-compatible-with-mysql5.patch Patch0002: 0002-fix-query-all-by-cve-list.patch Patch0003: 0003-fix-cve-list-get-api-query-error.patch Patch0004: 0004-fix-query-cve-list-error-and-sql-error.patch +Patch0005: 0005-fix-the-severity-field-filtering-error.patch BuildRequires: python3-setuptools Requires: aops-vulcanus >= v1.3.0 @@ -71,6 +72,9 @@ popd %{python3_sitelib}/aops_apollo_tool/* %changelog +* Mon Oct 23 2023 wenxin - v1.3.4-6 +- fix the severity field filtering error + * Mon Oct 23 2023 gongzhengtang - v1.3.4-5 - fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks