diff --git a/PRODUCT_DOCS/menu.yaml b/PRODUCT_DOCS/menu.yaml index 5df7ec58f2899b31af8cd959ec15dcce88c6f184..6602b4569d5a5e84a9c740d634e6ec99b84653a8 100644 --- a/PRODUCT_DOCS/menu.yaml +++ b/PRODUCT_DOCS/menu.yaml @@ -2,7 +2,12 @@ DEVELOPER_DOCS: menu: menu.yml maintainers: maintainers.yml anolisos: - '23': null + '23': + 用户指南: + 解决方案: + LMP项目介绍: ../anolisos/23/用户指南/解决方案/LMP项目介绍.md + migration_solution: ../anolisos/23/用户指南/解决方案/migration_solution.md + 新增文档: ../anolisos/23/用户指南/解决方案/新增文档.md '8.8': 发行说明: 快速入门: ../anolisos/8.8/发行说明/快速入门.md diff --git a/TECHNOLOGY_DOCS/menu.yaml b/TECHNOLOGY_DOCS/menu.yaml index b4f65eb5ae4be024e7368b3571657c2dab1c8dcd..f93c731aaa78619152cdf7284d32258073fcbba2 100644 --- a/TECHNOLOGY_DOCS/menu.yaml +++ b/TECHNOLOGY_DOCS/menu.yaml @@ -1,35 +1,6 @@ -# 目录结构: 以 anolisos8.8 为例 -AnolisOS: - 8.8: - 发行说明: - 简介: https://xxxx/简介.md - 快速入门: ../../快速入门.md - 系统安装: ./../系统安装.md - 关键特性: ./../关键特性.md - CVE 漏洞: ./../CVE 漏洞.md - 参与贡献: https://xxxx/参与贡献.md - 致谢: https://xxxx/致谢.md - 安装升级: - 安装指南: https://xxxx/安装指南.md - 升级指南: https://xxxx/升级指南.md - 系统管理: - 管理员指南: - 查看系统信息: https://xxxx/查看系统信息.md - 基础配置: https://xxxx/基础配置.md - 管理用户和用户组: https://xxxx/管理用户和用户组.md - 管理服务: https://xxxx/管理服务.md - 管理进程: https://xxxx/管理进程.md - 管理内存: https://xxxx/管理内存.md - 管理网络: https://xxxx/管理网络.md - 运维指南: - xx: xx - 网络: - 维护: - 安全: - 云原生: - 容器用户指南[DockerUser]: ./../DockerUser.md # 以文档级别指定文档所属用户组 - 容器OS升级用户指南: https://xxxx/容器OS升级用户指南.md - 桌面: - 嵌入式: - 虚拟化: - 边缘计算: \ No newline at end of file +TECHNOLOGY_DOCS: + menu: menu.yml + maintainers: maintainers.yml + 安全管理系统: + 用户说明文档: ../安全管理系统/ANA用户API说明文档.md + 安全数据文档: ../安全管理系统/OpenAnolis安全数据API文档.md diff --git "a/TECHNOLOGY_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANA\347\224\250\346\210\267API\350\257\264\346\230\216\346\226\207\346\241\243.md" "b/TECHNOLOGY_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANA\347\224\250\346\210\267API\350\257\264\346\230\216\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..fd2b07fd978262274b813f3e6500959d854b0c85 --- /dev/null +++ "b/TECHNOLOGY_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANA\347\224\250\346\210\267API\350\257\264\346\230\216\346\226\207\346\241\243.md" @@ -0,0 +1,1984 @@ +## 接口描述 + +### 1). response结构 + +**1.  成功** + +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": null +} +``` + +**2. 失败** + +```json +{ + "status": { + "code": 404, + "message": "未找到。", + "redirect_url": null + }, + "data": null +} +``` + +### 2). 主要错误码 + +> 目前系统已有的,会不断完善 + + +**1). 2xx** +200 (成功) +201 (已创建) +204 (已删除) + +**2).  4xx** +400 (错误请求,针对validate error) +403 (没权限) +404 (未找到) +460 (普通错误,用于不做特殊展示的错误) + +**3). 5xx** +500(服务器发生未知错误) + +### 3). 签名算法 + +**配置说明** + +```python +# 服务器地址 +hostname = +# 服务器鉴权名称 +sys_name = +# 服务器鉴权token +token = +``` + +sys_name和token需要向[@永超(sam.zyc) ](sam.zyc@alibaba-inc.com ) 申请 + +```python +hostname = 'https://anas.openanolis.cn' +sys_name = '' +token = '' +``` + +**使用HTTP调用** + +1. 接口签名方式 +调用接口时,需要对请求进行签名,方可认证通过。接口请求需携带以下参数作为请求头: + - Timestamp:请求时间戳,单位毫秒,为发送请求时的时间(此参数会进行校验,请保证使用当前时间),300秒超时 + - Token:服务器鉴权token + - Signature:签名,请求签名 + +签名计算方法为: +`sha256(sys_name + ":" + token + ":" + timestamp)` + +2. python3 demo + +```python +import base64 +import hashlib +import requests +import time + + +class ErrataApiDemo: + """portal api demo""" + def __init__(self, hostname, sys_name, token): + self.hostname = hostname + self.sys_name = sys_name + self.token = token + + def get_sign_headers(self): + timestamp = str(round(time.time() * 1000)) + sign_items = [self.sys_name, self.token, timestamp] + hash_obj = hashlib.sha256() + hash_obj.update(':'.join(sign_items).encode('utf-8')) + signature = hash_obj.digest() + signature = base64.b64encode(signature) + return {'Timestamp': timestamp, 'Token': self.token, 'Signature': signature} + + def get_errata_list(self): + headers = {} + headers.update(self.get_sign_headers()) + params = { + 'page_num': 1, + 'page_size': 20 + } + resp = requests.get('{}/api/v1/errata/'.format(self.hostname), params=params, headers=headers, verify=False) + if resp.ok: + resp_data = resp.json() + if resp_data['status']['code'] == 200: + return resp_data['data'] + + +if __name__ == '__main__': + protal_client = Portal('https://errata.openanolis.cn', 'test', 'xxxxxxxxxxxxx') + errata_list = protal_client.get_errata_list() + print(errata_list) +``` + +返回: + +```json +{ + "total": 5, + "page_num": 1, + "total_page": 1, + "page_size": 20, + "previous": null, + "next": null, + "data": [ + { + "id": 7, + "gmt_created": "2022-01-04 12:20:19", + "gmt_modified": "2022-01-21 18:04:14", + "advisory_id": "ANBA-2022:0001", + "publish_date": "2022-01-04", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "11" + ] + } + } + ], + "publisher": "hxk01075255", + "affected_packages": [ + "11" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Important", + "is_publish": true, + "synpopsis": "11", + "description": "11", + "solution": "11", + "issue": "11", + "source": "manual", + "cve": [] + }, + { + "id": 6, + "gmt_created": "2021-12-30 15:21:54", + "gmt_modified": "2021-12-30 15:52:40", + "advisory_id": "ANBA-2021:0006", + "publish_date": "2021-12-23", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ] + } + }, + { + "product_id": 8, + "name_version": "anolis 10.3.5", + "product_package_info": { + "arm": [ + "rh-maven36-log4j12-javadoc-1.2.17-23.3.el7.noarch.rpm\t", + "rh-maven36-log4j12-javadoc-1.2.17-23.3.el7.noarch.rpm" + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t", + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm" + ] + } + }, + { + "product_id": 9, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "rh-maven36-log4j12", + "rh-maven36-log4j12-javadoc" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + "description": "Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.", + "solution": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + "issue": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n\nhttps://access.redhat.com/articles/11258", + "source": "manual", + "cve": [] + }, + { + "id": 3, + "gmt_created": "2021-12-29 09:55:25", + "gmt_modified": "2021-12-29 09:55:25", + "advisory_id": "ANEA-2021:0003", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 2, + "gmt_created": "2021-12-28 19:13:15", + "gmt_modified": "2021-12-28 19:13:15", + "advisory_id": "ANEA-2021:0002", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 1, + "gmt_created": "2021-12-28 19:06:48", + "gmt_modified": "2021-12-29 18:34:22", + "advisory_id": "ANEA-2021:0001", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 9, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + } + ] +} +``` + +## Errata接口 + +### 1) Errata列表 + +> 获取Errata列表 +url: /api/v1/errata/ +请求方式: GET +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| page_num | 否 | int | 当前页 | +| page_size | 否 | int | 每页条数20-100 | + + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| --- | --- | --- | +| total | int | 总条数 | +| page_num | int | 当前页 | +| total_page | int | 总页数 | +| page_size | int | 每页条数 | +| previous | string | 上一页 | +| next | string | 下一页 | +| data | list | 列表数据 | +| id | int | | +| gmt_created | date | 创建时间 | +| gmt_modified | date | 更新时间 | +| advisory_id | str | advisory ID | +| advisory_type | str | advisory类型 | +| severity | 否 | str | +| is_publish | bool | 是否发布 | +| publisher | str | 发布人 | +| synpopsis | str | 简介 | +| solution | str | 描述 | +| description | str | 解决方案 | +| issue | str | Issue | +| source | str | 来源,值为manual(手动)或者添加者的(sys_name) | +| cve | list | 关联的cve | +| affected_packages | list | 受影响的包 | +| product | list | 关联的产品和package信息 | +| modules | list | errata修复的modules信息 | + + +**接口示例** + +> 地址:/api/v1/errata/?page_num=1&page_size=20 + + +```json +{ + "total": 4, // 总个数 + "page_num": 1, // 当前页 + "total_page": 1, // 总页数 + "page_size": 20, // 每页条数 + "previous": null, // 上一页url + "next": null, // 下一页url + "data": [ + { + "id": 6, + "gmt_created": "2021-12-30 15:21:54", // 创建时间 + "gmt_modified": "2021-12-30 15:52:40", // 更新时间 + "advisory_id": "ANBA-2021:0006", // advisory ID + "publish_date": "2021-12-23", // 发布时间 + "product": [ // 关联的产品和package信息 + { + "product_id": 7, // 产品id + "name_version": "Anolis 8.4", // 产品名称及版本 + "product_package_info": { // package信息 + "arm": [ // 架构 + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm" // 包名 + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", // 发布人 + "affected_packages": [ // 受影响的包 + "rh-maven36-log4j12", + "rh-maven36-log4j12-javadoc" + ], + "advisory_type": "Bug Fix Advisory", // advisory类型 + "severity": "Critical", // 严重级别 + "is_publish": true, // 是否发布 + "synpopsis": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + // 简介 + "description": "Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.", + // 描述 + "solution": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + // 解决方案 + "issue": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n\nhttps://access.redhat.com/articles/11258", + // Issue + "source": "manual", // 来源 + "cve": [] // 关联的cve + }, + { + "id": 3, + "gmt_created": "2021-12-29 09:55:25", + "gmt_modified": "2021-12-29 09:55:25", + "advisory_id": "ANEA-2021:0003", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 2, + "gmt_created": "2021-12-28 19:13:15", + "gmt_modified": "2021-12-28 19:13:15", + "advisory_id": "ANEA-2021:0002", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 1, + "gmt_created": "2021-12-28 19:06:48", + "gmt_modified": "2021-12-29 18:34:22", + "advisory_id": "ANEA-2021:0001", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 9, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [], + "modules": ["container-tools:an8", "container-tools:an7"] + } + ] +} +``` + +### 2). 添加 + +> 功能描述: 添加 errata +url: /api/v1/errata/ +请求方式: POST +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| advisory_id | 否 | str | errata官方公告id, 唯一性,如:ANEA-2022:0027 | +| advisory_type | 是 | str | advisory类型, 只能是下面三种之一 Enhancement Advisory, Bug Fix Advisory, Security Advisory | +| severity | 否 | str | ANSA的严重等级, 只能是下面四种之一 Critical, Important, Moderate, Low,ANBA/ANEA下无严重等级 | +| is_publish | 否 | bool | 是否发布,默认false | +| publish_date | 是 | str | 发布时间 格式"Y-m-d" 2021-07-21 | +| synpopsis | 是 | str | 简介 | +| description | 是 | str | 描述 | +| solution | 是 | str | 解决方案 | +| issue | 否 | str | Issue | +| cve | 否 | list | 关联的cve, 如`["CVE-2021-45257", "CVE-2021-45258"]` +,CVE id必须已存在 | +| product | 是 | list | 关联的product,一个errata只能关联一个产品,没有给空列表[] | +| modules | 否 | list | errata修复的modules信息,若是package,该字段无需填写;若是module,该字段填写module名及版本,如:ruby:2.5 | + + +**接口示例** + +> 方式:POST +地址:/api/v1/errata/ +参数: + + +```json +{ + "advisory_id": "ANEA-2022:0028", // 非必填, errata官方公告id,唯一 + "advisory_type": "Enhancement Advisory", // 必填, advisory类型, 只能是下面三种之一 Enhancement Advisory, Bug Fix Advisory, Security Advisory + "severity": "Critical", // 必填,严重等级, 只能是下面四种之一 Critical, Important, Medium, Low + "publish_date": "2021-07-21", // 必填,发布时间 格式"Y-m-d" 2021-07-21 + "synpopsis": "synpopsis", // 必填, + "description": "description", // 必填, + "solution": "solution", // 必填, + "issue": "issue", // 必填, + "is_publish": true, // 选填,不填默认不发布,如需添加即发布,请设为true + "cve": [ + "CVE-2020-12131", + "CVE-2020-12132" + ], // 关联的cve, CVE id必须已存在 + "modules": ["ruby:2.5", "ruby:2.6"], // errata修复的modules信息, 若是no-module,该字段无需填写 + "product": [ + { + "name_version": "Anolis8.2", // name_version必填,name_version必须存在 + "product_package_info": { // 必填 + "aarch64": [ // 架构必须在['aarch64', 'x86_64', 'src', 'noarch']之中 + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", // 文件名称 + "rpm_name": "nodejs", // 包名称 + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" // 软件包下载URL + } + ] // "aarch64"、"x86_64"、"src"、"noarch"至少有一个,并且包名不能为空,包名长度、文件名称长度不能超过128 + , + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + , + "loongarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + }, + { + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + } + ] +} +``` + +成功返回: + +```json +{ + "status": { + "code": 201, + "message": "" + }, + "data": { + "id": 40, + "gmt_created": "2022-02-09 17:16:22", + "gmt_modified": "2022-02-09 17:16:22", + "advisory_id": "ANEA-2022:0028", + "publish_date": "2021-07-21", + "modules": ["ruby:2.5", "ruby:2.6"], + "product": [ + { + "product_id": 2, + "name_version": "Anolis8.2", + "product_package_info": { + "aarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + , + "loongarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + }, + { + "product_id": 1, + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + } + ], + "publisher": "test", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "test", + "cve": [ + { + "id": 1, + "cve_id": "CVE-2020-12131" + }, + { + "id": 2, + "cve_id": "CVE-2020-12132" + } + ] + } +} +``` + +错误返回: + +```json +{ + "status": { + "code": 400, + "message": { + "advisory_id": [ + "advisory_id不能重复" + ], + "product": { + "0": { + "product_package_info": { + "aarch64": { + "0": { + "non_field_errors": [ + "无效数据。期待为字典类型,得到的是 str 。" + ] + } + }, + "x86_64": { + "0": { + "non_field_errors": [ + "无效数据。期待为字典类型,得到的是 str 。" + ] + }, + "1": { + "non_field_errors": [ + "无效数据。期待为字典类型,得到的是 str 。" + ] + } + } + } + }, + "1": { + "product_package_info": { + "x86_64": { + "0": { + "rpm_filename": [ + "不能超过128个字符" + ], + "rpm_url": [ + "输入的URL不合法" + ] + } + } + } + } + }, + "cve": [ + "属性 cve_id 为 123test 的对象不存在。" + ], + "advisory_type": [ + "只能是((1, 'Bug Fix Advisory'), (2, 'Enhancement Advisory'), (3, 'Security Advisory')), 其中之一" + ], + "severity": [ + "“Critical-test” 不是合法选项。" + ] + }, + "redirect_url": null + }, + "data": null +} +``` + +### 3). 详情 + +> 功能描述: 获取errata详情 +URL: /api/v1/errata/{advisory_id}/ +请求方式: GET +支持格式: application/json + + +** 请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| advisory_id | 是 | str | | + + +**接口示例** + +> 地址:/api/v1/errata/ANEA-2022:0013/ +返回 + + +```json +{ + "status": { + "code": 204, + "message": "" + }, + "data": null +} +``` + +### 4). 编辑 + +> 功能描述: 编辑 errata +url: /api/v1/errata/{advisory_id}/ +请求方式: PUT +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| advisory_id | 否 | str | errata官方公告id, 唯一性,如:ANEA-2022:0027 | +| advisory_type | 是 | str | advisory类型, 只能是下面三种之一 Enhancement Advisory, Bug Fix Advisory, Security Advisory | +| severity | 是 | str | 严重等级, 只能是下面四种之一 Critical, Important, Medium, Low | +| is_publish | 否 | bool | 是否发布,默认false | +| publish_date | 是 | str | 发布时间 格式"Y-m-d" 2021-07-21 | +| synpopsis | 是 | str | 简介 | +| description | 是 | str | 描述 | +| solution | 是 | str | 解决方案 | +| issue | 是 | str | Issue | +| cve | 否 | list | 关联的cve, 如`["CVE-2021-45257", "CVE-2021-45258"]` +,CVE id必须已存在 | +| product | 是 | list | 关联的product | +| modules | 否 | list | errata修复的modules信息,若是package,该字段无需填写;若是module,该字段填写module名及版本,如:ruby:2.5 | + + +**接口示例** + +> 方式:PUT +地址:/api/v1/errata/ANBA-2022:0026/ +参数: + + +```json +{ + "advisory_id": "ANBA-2022:0026", + "publish_date": "2022-02-09", + "product": [ + { + "product_id": 2, + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.aarch64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/aarch64/curl-7.61.1-.1.an8_internal.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.x86_64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/x86_64/curl-7.61.1-.1.an8_internal.x86_64.rpm" + } + ] + } + } + ], + "publisher": "hxk01075255", + "affected_packages": [ + "curl" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Critical", + "is_publish": false, + "synpopsis": "aaa", + "description": "bbb", + "solution": "ccc", + "issue": "ddd", + "source": "manual", + "cve": [], + "modules": ["container-tools:an8", "container-tools:an7"] +} +``` + +成功返回: + +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "id": 57, + "gmt_created": "2022-02-09 18:41:13", + "gmt_modified": "2022-02-09 18:43:42", + "advisory_id": "ANBA-2022:0026", + "publish_date": "2022-02-09", + "product": [ + { + "product_id": 2, + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.aarch64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/aarch64/curl-7.61.1-.1.an8_internal.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.x86_64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/x86_64/curl-7.61.1-.1.an8_internal.x86_64.rpm" + } + ] + } + } + ], + "publisher": "hxk01075255", + "affected_packages": [ + "curl" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Critical", + "is_publish": false, + "synpopsis": "aaa", + "description": "bbb", + "solution": "ccc", + "issue": "ddd", + "source": "manual", + "cve": [], + "modules": ["container-tools:an8", "container-tools:an7"] + } +} +``` + +### 5). 删除 + +> 功能描述: 删除errata详情 +URL: /api/v1/errata/{advisory_id}/ +请求方式: DELETE +支持格式: application/json + + +** 请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| advisory_id | 是 | str | | + + +**接口示例** + +> 地址:/api/v1/errata/ANBA-2022:0007/ + + +返回: + +```json +{ + "status": { + "code": 204, + "message": "" + }, + "data": null +} +``` + +## CVE接口 + +### 1) CVE列表 + +> 获取Errata列表 +url: /api/v1/cve/ +请求方式: GET +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| page_num | 否 | int | 当前页 | +| page_size | 否 | int | 每页条数20-100 | + + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| --- | --- | --- | +| total | int | 总条数 | +| page_num | int | 当前页 | +| total_page | int | 总页数 | +| page_size | int | 每页条数 | +| previous | string | 上一页 | +| next | string | 下一页 | +| data | list | 列表数据 | +| id | int | | +| gmt_created | date | 创建时间 | +| gmt_modified | date | 更新时间 | +| cve_id | str | CEV的标识ID | +| publisher | str | 发布人 | +| affected_errata | list | 受影响的errata | +| score | float | cvss评分 | +| severity | 是 | string | +| status | int | 是否发布 | +| source | str | cve来源 可选 ['Mitre', 'NVD'] | +| publish_date | date | 发布时间 | +| abstract | str | 概要 | +| description | str | 备注 | +| issue | 否 | string | +| acknowledgements | 否 | string | +| acknowledgements_en | 否 | string | +| reference | 否 | string | +| diagnose | 否 | string | +| statement | 否 | string | +| mitigation | 否 | string | +| creator | str | 系统创建人 | +| cve_source_link | 否 | string | +| publish_third_party_token | str | 关联的第三方发布系统 | +| cvss | json | nvd/cnvd/openanolis 的cvss度量评分公式 | +| product | 是 | json | + + +**接口示例** + +> 地址:/api/v1/cve/?page_num=1&page_size=20 + + +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "total": 3, + "page_num": 1, + "total_page": 1, + "page_size": 20, + "previous": null, + "next": null, + "data": [ + { + "id": 4, + "gmt_created": "2022-01-24 21:11:40", // 创建时间 + "gmt_modified": "2022-01-24 21:11:40", // 更新时间 + "cve_id": "CVE-2020-12134", // CEV的标识ID + "publisher": "test", // 发布人 + "affected_errata": [], // 受影响的errata + "score": 4.3, // cvss评分 + "severity": "Moderate", // 漏洞等级 + "status": 2, // 是否发布 + "source": "NVD", // cve来源 + "publish_date": "2021-12-21 15:48:22", // 发布时间 + "cvss": { + "nvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "cnvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "openanolis_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" + }, // nvd/cnvd/openanolis 的cvss度量评分公式 + // 概要 + "abstract": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.", + // 说明 + "description": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space.", + "creator": null, // 系统创建人 + "publish_third_party_token": "test" // 关联的第三方发布系统 + }, + { + "id": 3, + "gmt_created": "2022-01-24 21:11:35", + "gmt_modified": "2022-01-24 21:11:35", + "cve_id": "CVE-2020-12133", + "publisher": "test", + "affected_errata": [], + "score": 4.3, + "severity": "Moderate", + "status": 2, + "source": "RHEL", + "publish_date": "2021-12-21 15:48:22", + "cvss": { + "nvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "cnvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "openanolis_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" + }, + "abstract": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.", + "description": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space.", + "creator": null, + "publish_third_party_token": 1 + }, + { + "id": 2, + "gmt_created": "2022-01-24 21:05:10", + "gmt_modified": "2022-01-24 21:05:10", + "cve_id": "CVE-2020-12132", + "publisher": "test", + "affected_errata": [], + "score": 4.3, + "severity": "Moderate", + "status": 2, + "source": "NVD", + "publish_date": "2021-12-21 15:48:22", + "cvss": { + "nvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "cnvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "openanolis_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" + }, + "abstract": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.", + "description": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space.", + "creator": null, + "publish_third_party_token": "test" + } + ] + } +} +``` + +### 2). 添加 + +> 功能描述: 添加 cve +url: /api/v1/cve/ +请求方式: POST +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| cve_id | 是 | string | cve 编号 | +| score | 是 | float | cvss评分分值 | +| severity | 是 | string | 漏洞等级,可选['Critical', 'Important', 'Low', 'None', 'Moderate',] | +| source | str | cve来源 可选 ['Mitre', 'NVD'] | | +| publish_date | 否 | string | 发布日期 格式"2021-12-21 15:48:22" | +| abstract | 否 | string | 概要 | +| description | 否 | string | 备注 | +| issue | 否 | string | issue | +| acknowledgements | 否 | string | 致谢 | +| acknowledgements_en | 否 | string | 英文致谢 | +| reference | 否 | string | 自定义参考链接 | +| diagnose | 否 | string | cve diagnose脚本 | +| statement | 否 | string | 龙蜥声明 | +| mitigation | 否 | string | CVE缓解方案 | +| status | 是 | int | 可选值1、2,status=1表示保存并发布,status=2表示仅保存 | +| cve_source_link | 否 | string | cve源链接 | +| cvss | 否 | json | nvd/openanolis 的cvss度量评分公式 | +| product | 是 | json | cve关联的产品、包、修复状态 ,没有给空列表[] | +| rpm_name | 是 | str | cve关联的软件包名 | +| rpm_status | 是 | str | cve关联包的修复状态,可选项为:fixed、investigation、unaffected、not_fix、out_scope、affected | +| advisory_id | 否 | str | cve下已修复的包/modules关联的errata(用advisory_id关联),只能在系统已有的errata中选择 | + + +**接口示例** + +> 方式:POST +地址:/api/v1/cve/ +参数: + + +```json +{ + "cve_id": "CVE-2022-25636", + "source": "Mitre", + "publish_date": "2022-04-29 11:14:32", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "issue": "Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "acknowledgements": "致谢:Fastento was created by content marketing experts and news engineers who believe in the future of media.", +"acknowledgements_en": "acknowledgements:Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "reference": "自定义参考链接.", + "diagnose": "cve diagnose脚本", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "score": "7.8", + "severity": "Important", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "src": [ + { + "rpm_name": "nodejs", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0592" + }, + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ] + } + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "src": [ + { + "rpm_name": "nodejs", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0591" + }, + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ] + } + } + ], + "status": 1 +} +``` + +成功返回: + +```json +{ + "status": { + "code": 201, + "message": "" + }, + "data": { + "id": 52, + "gmt_created": "2022-04-29 11:16:37", + "gmt_modified": "2022-04-29", + "cve_id": "CVE-2022-25636", + "creator": "zhuxiao", + "publisher": "zhuxiao", + "publish_third_party_token": null, + "publish_date": "2022-04-29", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "x86_64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ], + "noarch": [ + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + }, + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "x86_64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ], + "noarch": [ + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + } + ], + "product_package": [ + { + "name_version": "Anolis8.2", + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "name_version": "Anolis8.2", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "affected_packages": [ + "java", + "python" + ], + "score": 7.8, + "severity": "Important", + "status": 1, + "source": "Mitre", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "acknowledgements": "致谢:Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "acknowledgements_en": "acknowledgements:Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "errata": [] + } +} +``` + +错误返回: + +```json +{ + "status": { + "code": 400, + "message": { + "cve_id": [ + "cve 编号不能重复" + ], + "cvss": { + "nvd_cvss": [ + "cvss向量字符串不符合规则,请检查后正确输入" + ], + "cnvd_cvss": [ + "cvss向量字符串不符合规则,请检查后正确输入" + ], + "openanolis_cvss": [ + "cvss向量字符串不符合规则,请检查后正确输入" + ] + } + }, + "redirect_url": null + }, + "data": null +} +``` + +### 3). 详情 + +> 功能描述: 获取cve详情 +URL: /api/v1/cve/{cve_id}/ +请求方式: GET +支持格式: application/json + + +** 请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| id | 是 | int | | + + +**接口示例** + +> 地址:/api/v1/cve/CVE-2022-46882/ + + +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "id": 17649, + "gmt_created": "2022-12-19 11:24:46", + "gmt_modified": "2022-12-19", + "cve_id": "CVE-2022-46882", + "creator": null, + "publisher": "distro-team", + "publish_third_party_token": "distro-team", + "publish_date": "2022-12-17", + "cvss": { + "nvd_cvss": "", + "openanolis_cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + }, + "product": [ + { + "product_id": 5, + "name_version": "Anolis OS 8", + "product_package_info": { + "src": [ + { + "rpm_name": "thunderbird", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0829" + }, + { + "rpm_name": "firefox", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0830" + } + ] + } + } + ], + "affected_packages": [ + "thunderbird", + "firefox" + ], + "score": 6.1, + "severity": "Moderate", + "product_package": [ + { + "name_version": "Anolis OS 8", + "rpm_name": "thunderbird", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0829", + "publish_date": "2022-12-17" + }, + { + "name_version": "Anolis OS 8", + "rpm_name": "firefox", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0830", + "publish_date": "2022-12-17" + } + ], + "status": 1, + "source": "Mitre", + "cve_source_link": "", + "abstract": "The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free in WebGL extensions could have led to a potentially exploitable crash.", + "description": null, + "issue": null, + "acknowledgements": "", + "acknowledgements_en": "", + "reference": null, + "diagnose": null, + "statement": null, + "mitigation": null, + "update_user": "distro-team", + "errata": [ + { + "id": 6894, + "advisory_id": "ANSA-2022:0829", + "publish_date": "2022-12-17", + "product_package": { + "name_version": [ + "Anolis OS 8" + ], + "rpm_name": [ + "thunderbird" + ] + } + }, + { + "id": 6895, + "advisory_id": "ANSA-2022:0830", + "publish_date": "2022-12-17", + "product_package": { + "name_version": [ + "Anolis OS 8" + ], + "rpm_name": [ + "firefox" + ] + } + } + ] + } +} +``` + +### 4). 编辑 + +> 功能描述: cve编辑 +URL: /api/v1/cve/{cve_id}/ +请求方式: PUT +支持格式: application/json + + +** 请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| cve_id | 是 | string | cve 编号 | +| score | 是 | float | cvss评分分值 | +| severity | 是 | string | 漏洞等级,可选['Critical', 'Important', 'Low', 'None', 'Moderate',] | +| source | str | cve来源 可选 ['Mitre', 'NVD'] | | +| publish_date | 否 | string | 发布日期 格式"2021-12-21 15:48:22" | +| abstract | 否 | string | 概要 | +| description | 否 | string | 备注 | +| issue | 否 | string | issue | +| acknowledgements | 否 | string | 致谢 | +| reference | 否 | string | 自定义参考链接 | +| diagnose | 否 | string | cve diagnose脚本 | +| statement | 否 | string | 龙蜥声明 | +| mitigation | 否 | string | CVE缓解方案 | +| status | 是 | int | 可选值1、2,status=1表示保存并发布,status=2表示仅保存 | +| cve_source_link | 否 | string | cve源链接 | +| cvss | 否 | json | nvd/openanolis 的cvss度量评分公式 | +| product | 是 | json | cve关联的产品、包、修复状态 | +| rpm_name | 是 | str | cve关联的软件包名 | +| rpm_status | 是 | str | cve关联包的修复状态,可选项为:fixed、investigation、unaffected、not_fix、out_scope、affected | +| advisory_id | 否 | str | cve下已修复的包/modules关联的errata(用advisory_id关联),只能在系统已有的errata中选择 | + + +**接口示例** + +> 地址:/api/v1/cve/CVE-2020-12138/ + + +```json +{ + "cve_id": "CVE-2022-25636", + "source": "NVD", + "publish_date": "2022-04-29 11:33:50", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "score": "7.8", + "severity": "Important", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0592" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + }, + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0591" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + ], + "status": 1 +} +``` + +成功返回 + +``` +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "id": 52, + "gmt_created": "2022-04-29 11:16:37", + "gmt_modified": "2022-04-29", + "cve_id": "CVE-2022-25636", + "creator": "zhuxiao", + "publisher": "zhuxiao", + "publish_third_party_token": null, + "publish_date": "2022-04-29", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0592" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + }, + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0591" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + } + ], + "product_package": [ + { + "name_version": "Anolis8.2", + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "name_version": "Anolis8.2", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "affected_packages": [ + "java", + "python" + ], + "score": 7.8, + "severity": "Important", + "status": 1, + "source": "NVD", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "errata": [] + } +} +``` + +### 5). 删除 + +> 功能描述: 删除cve +URL: /api/v1/cve/{cve_id}/ +请求方式: DELETE +支持格式: application/json + + +** 请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| cve_id | 是 | string | cve 编号 | + + +**接口示例** + +> 地址:/api/v1/cve/CVE-2020-12134/ + + +```json +{ + "status": { + "code": 204, + "message": "" + }, + "data": null +} +``` + +## product查询接口 + +### 1) product列表 + +> 获取产品列表 +url: /api/v1/product/ +请求方式: GET +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| page_num | 否 | int | 当前页 | +| page_size | 否 | int | 每页条数20-100 | + + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| --- | --- | --- | +| total | int | 总条数 | +| page_num | int | 当前页 | +| total_page | int | 总页数 | +| page_size | int | 每页条数 | +| previous | string | 上一页 | +| next | string | 下一页 | +| data | list | 列表数据 | +| id | int | 产品在数据库的id | +| gmt_created | date | 创建时间 | +| gmt_modified | date | 更新时间 | +| name_version | str | 产品名称 | +| creator | str | 产品创建者 | + + +**接口示例** + +> 地址:/api/v1/product/?page_num=1&page_size=20 + + +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "total": 2, + "page_num": 1, + "total_page": 1, + "page_size": 20, + "previous": null, + "next": null, + "data": [ + { + "id": 1, + "gmt_created": "2022-01-25 16:05:38", + "gmt_modified": "2022-01-25 16:05:39", + "name_version": "Anolis8.4", + "creator": "张康" + }, + { + "id": 2, + "gmt_created": "2022-01-25 16:06:13", + "gmt_modified": "2022-01-25 16:06:14", + "name_version": "Anolis8.2", + "creator": "朱潇" + } + ] + } +} +``` + +## 软件包查询接口 + +### 1) 软件包下载链接列表 + +> 通过cve_id列表查询关联包的下载链接 +url: /api/v1/package/ +请求方式: GET +支持格式: application/json + + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| --- | --- | --- | --- | +| cve_id_list | 是 | list | 待查询的cve_id列表,如['CVE-2022-122202', 'CVE-2022-111712'] | + + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| --- | --- | --- | +| data | list | 列表数据 | +| rpm_filename | string | 软件包名 | +| rpm_url | string | 软件包下载链接 | + + +**接口示例** + +> 地址:/api/v1/product/?cve_id_list=CVE-2022-122202&cve_id_list=CVE-2022-111712 + + +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": [ + { + "CVE-2022-122202": [ + { + "rpm_filename": "python", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + }, + { + "CVE-2022-111712": [ + { + "rpm_filename": "python", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + ] +} +``` diff --git "a/TECHNOLOGY_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/OpenAnolis\345\256\211\345\205\250\346\225\260\346\215\256API\346\226\207\346\241\243.md" "b/TECHNOLOGY_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/OpenAnolis\345\256\211\345\205\250\346\225\260\346\215\256API\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..d46d51adeffc711e1bdaafc399b08589ce75f313 --- /dev/null +++ "b/TECHNOLOGY_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/OpenAnolis\345\256\211\345\205\250\346\225\260\346\215\256API\346\226\207\346\241\243.md" @@ -0,0 +1,91 @@ +## OpenAnolis安全数据API文档1.0 + +欢迎联系龙蜥安全团队邮件列表:ansa-announce@lists.openanolis.cn + +### 1. 简介 + +OpenAnolis安全数据API对外提供了安全数据的访问接口,通过指定的参数查询OpenAnolis社区安全相关数据。目前API支持CVE、OVAL格式的数据访问,其他数据类型敬请期待。 + +安全数据API提供了OpenAnolis社区的安全相关数据和信息,以更好地支持业务需求和指标衡量,如您对安全数据API有任何的疑问,欢迎联系[龙蜥安全团队](https://lists.openanolis.cn/postorius/lists/ansa-announce.lists.openanolis.cn/),或者在[OpenAnolis Bugzilla](https://bugzilla.openanolis.cn/)向我们提出issue。 + +**`Base URL`** + +> https://anas.openanolis.cn/api/securitydata + +**`数据格式`** + +对外数据接口支持JSON、XML格式的数据,数据格式可以通过访问url的后缀来标识,如.xml、.json。 + +### 2. CVE接口 +#### 2.1 CVE列表 + +**简介** + +列出所有的CVE,以指定的数据格式返回信息 + +**`JSON`** +> GET /cve.json + +**`XML`** +> GET /cve.xml + +#### 2.2 单条CVE +**简介** + +获取一条CVE的信息 +`JSON` + +> GET /cve/.json + +`XML` + +> GET /cve/.xml + +**示例** + +/cve/CVE-2022-2795.xml + +#### 2.3 CVE数据格式 +| **参数名称** | **参数说明** | **备注** | **参数类型** | +| --- | --- | --- | --- | +| name | CVE ID | | string | +| threat_severity | 严重等级 | | string | +| public_date | 发布时间 | | datetime | +| bugzilla | bugzilla链接 | | string | +| details | 漏洞细节 | | string | +| description | 漏洞描述 | | string | +| reference | 参考链接 | | string | +| statement | 漏洞声明 | | string | +| diagnose | 漏洞诊断 | | string | +| mitigation | 缓解方案 | | string | +| acknowledgement | 致谢 | | string | +| cvss_score | CVSS评分 | | float | +| cvss_scoring_vector | CVSS向量 | | str | +| source | CVE数据源 | | str | +| csaw | | | | +| package_state | - | | list(product) | +| product | | | | +| product_name | 产品名称 | | string | +| fix_state | 状态 | | string | +| package_name | 软件名称 | | string | +| cpe | cpe | | string | + +### 3. OVAL接口 +#### 3.1 OVAL列表 +**简介** + +返回产品下所有的OVAL数据列表,OVAL数据接口目前仅支持XML格式 + +`XML` +> GET /oval/.xml + +**示例** + +/oval/anolis-7.xml + +/oval/anolis-8.xml + +### 4. OVAL文件下载 +您可以直接访问[Anolis OS 安全漏洞数据中心](https://anas.openanolis.cn/data)浏览并下载最新的以及历史的OVAL文件。 + +Anolis OS安全漏洞数据中心正在不断完善和优化中,如您有宝贵的建议,欢迎您联系龙蜥安全团队:ansa-announce@lists.openanolis.cn。