diff --git a/cve-vulner-manager/common/common.go b/cve-vulner-manager/common/common.go index 366f7f84615f5076495e3b76bf872753bc86c80b..2d771eb90eed1f0fa3a3498313845e2996c9b8c1 100644 --- a/cve-vulner-manager/common/common.go +++ b/cve-vulner-manager/common/common.go @@ -439,6 +439,9 @@ func StripStrReg(text string) string { } func FindSliceEm(slice []string, val string) (int, bool) { + if len(slice) == 0 { + return -1, false + } for i, item := range slice { if item == val { return i, true diff --git a/cve-vulner-manager/conf/app.conf b/cve-vulner-manager/conf/app.conf index 84f0250658bef5db347f87f8e483505cef6a948b..420267e7626cf656f15152365f551f2aa18bbaf9 100644 --- a/cve-vulner-manager/conf/app.conf +++ b/cve-vulner-manager/conf/app.conf @@ -19,7 +19,7 @@ rejectCmd = "/reject" approveCmd = "/approve" closeCmd = "/close" errorCmd = "/error" -autoPrCmd = "/auto-patch" +autoPrCmd = "/find-patch" labelFixed = "CVE/FIXED" labelUnFix = "CVE/UNFIXED" labeUnaffected = "CVE/UNAFFECTED" @@ -227,4 +227,11 @@ download_cvrf_dir = "cvrf/" upload_updateinfo_dir = "cve-manager-updateinfo/" [cveagency] -url = "http://cve-manager-agent.cve-manager-agent.svc.cluster.local/v1/cve/track" \ No newline at end of file +url = "http://cve-manager-agent.cve-manager-agent.svc.cluster.local/v1/cve/track" + +[openlookeng] +#openlookeng_owner = openlookeng +openlookeng_owner = cve-openlookeng +# git token +git_openlookeng_token = "${GITEE_OPENLOOKENG_TOKEN||xxx}" +openlookeng_version = "master,r1.2" \ No newline at end of file diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index b5c0bf4ecf58526bfbbacdc7171f1267068c6d25..e5c8417cc33e3b0eed814071bfddf1c647e7e9b0 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -19,7 +19,7 @@ rejectCmd = "/reject" approveCmd = "/approve" closeCmd = "/close" errorCmd = "/error" -autoPrCmd = "/auto-patch" +autoPrCmd = "/find-patch" labelFixed = "CVE/FIXED" labelUnFix = "CVE/UNFIXED" labeUnaffected = "CVE/UNAFFECTED" @@ -217,4 +217,10 @@ download_cvrf_dir = "cvrf/" upload_updateinfo_dir = "cve-manager-updateinfo/" [cveagency] -url = "http://cve-manager-agent.cve-manager-agent.svc.cluster.local/v1/cve/track" \ No newline at end of file +url = "http://cve-manager-agent.cve-manager-agent.svc.cluster.local/v1/cve/track" + +[openlookeng] +openlookeng_owner = openlookeng +# git token +git_openlookeng_token = "${GITEE_OPENLOOKENG_TOKEN||xxx}" +openlookeng_version = "master,r1.2" \ No newline at end of file diff --git a/cve-vulner-manager/controllers/hook.go b/cve-vulner-manager/controllers/hook.go index cabe689eb15d08a092fab3ae9c7497668445085c..145343e74ca5902be3441e8d5b19aa59d86535e2 100644 --- a/cve-vulner-manager/controllers/hook.go +++ b/cve-vulner-manager/controllers/hook.go @@ -1179,7 +1179,8 @@ func updateTempAndCenter(issueTmp models.IssueTemplate, cveCenter models.VulnCen logs.Error(err) } } - update := models.UpdateVulnCenter(&cveCenter, "is_export") + cveCenter.CveLevel = models.OpenEulerScoreProc(issueTmp.NVDScore) + update := models.UpdateVulnCenter(&cveCenter, "is_export", "cve_level") if !update { logs.Error("update vulnCenter fail ") appearErr += 1 @@ -1203,8 +1204,9 @@ func updateTempAndCenter(issueTmp models.IssueTemplate, cveCenter models.VulnCen AbiAffectedVersionBool(issueTmp.AbiVersion) && !strings.Contains(issueTmp.IssueLabel, labeAbiChanged) { issueTmp.IssueLabel = issueTmp.IssueLabel + "," + labeAbiChanged } + issueTmp.CveLevel = models.OpenEulerScoreProc(issueTmp.OpenEulerScore) tpErr := models.UpdateIssueTemplate(&issueTmp, "status", "issue_status", - "status_name", "issue_label", "mt_audit_flag", "sa_audit_flag") + "status_name", "issue_label", "mt_audit_flag", "sa_audit_flag", "cve_level") if tpErr != nil { logs.Error(tpErr) appearErr += 1 @@ -2820,13 +2822,28 @@ func AddGitIssue(issueHook *models.IssuePayload, desc, product string) error { RepoDesc: desc, IssueState: issueZhState, Owner: nameSpace, OrganizationID: organizationID, Status: 0} //vt := util.TrimString(v.Title) + cveStr := "" if strings.HasPrefix(issueTitle, "CVE") { - item.CveNumber = issueTitle + cveStr = issueTitle } else if issueHook.Issue.Body != "" { //通过正则表达式去body中截取 稍后完善 sm := util.RegexpCveNumber.FindAllStringSubmatch(issueHook.Issue.Body, -1) if len(sm) > 0 && len(sm[0]) > 0 { - item.CveNumber = util.TrimString(sm[0][1]) + cveStr = sm[0][1] + } + } + cveList := []string{} + if len(cveStr) > 1 { + cveRes := util.RegexpCveNumVaule.FindAllStringSubmatch(cveStr, -1) + if len(cveRes) > 0 { + for _, cr := range cveRes { + if len(cr) > 0 { + tCr := util.TrimString(cr[0]) + if _, ok := common.FindSliceEm(cveList, tCr); !ok { + cveList = append(cveList, tCr) + } + } + } } } owner := beego.AppConfig.String("gitee::owner") @@ -2838,22 +2855,25 @@ func AddGitIssue(issueHook *models.IssuePayload, desc, product string) error { owner = beego.AppConfig.String("opengauss::gauss_owner") accessToken = beego.AppConfig.String("opengauss::git_gauss_token") } - // Check whether the current cve has created an issue - checkRes := taskhandler.OPenCheckWhetherIssue(item.CveNumber, repoPath, owner, accessToken, organizationID) - if checkRes { - logs.Error("Cve has created an issue, please process the previous issue first, ", - item.CveNumber, repoPath, ", organizationID: ", organizationID) - taskhandler.AddCommentToIssue(fmt.Sprintf(HasCreateIssue, issueHook.Assignee.UserName, item.CveNumber), - issueNumber, owner, repoPath, accessToken) - return errors.New("Ignore the current issue") - } - //vb := util.TrimString(v.Body) - vb := strings.ReplaceAll(issueHook.Issue.Body, ":", ":") - item.Body = vb - item.IssueExistTpl = false - err := item.InsertOrUpdate(2) - if err != nil { - logs.Error("insert or update issue fail:", err) + for _, cve := range cveList { + item.CveNumber = cve + // Check whether the current cve has created an issue + checkRes := taskhandler.OPenCheckWhetherIssue(item.CveNumber, repoPath, owner, accessToken, organizationID) + if checkRes { + logs.Error("Cve has created an issue, please process the previous issue first, ", + item.CveNumber, repoPath, ", organizationID: ", organizationID) + taskhandler.AddCommentToIssue(fmt.Sprintf(HasCreateIssue, issueHook.Assignee.UserName, item.CveNumber), + issueNumber, owner, repoPath, accessToken) + return errors.New("Ignore the current issue") + } + //vb := util.TrimString(v.Body) + vb := strings.ReplaceAll(issueHook.Issue.Body, ":", ":") + item.Body = vb + item.IssueExistTpl = false + err := item.InsertOrUpdate(2) + if err != nil { + logs.Error("insert or update issue fail:", err) + } } return nil } else { @@ -2954,21 +2974,21 @@ func gitAddIssueProc(issueHook *models.IssuePayload) error { desc := taskhandler.GetRepoDescription(path) giErr := AddGitIssue(issueHook, desc, product) if giErr != nil { - return giErr + logs.Error("AddGitIssue, giErr: ", giErr) } // Compatible with created issue data oki, err := taskhandler.GetCveIssueData(prcNum, days, openeulerNum, cveRef, owner, 1) if !oki { logs.Error("ProcCveOriginData, GetCveIssueData, err: ", err) } - createErr := task.CreateIssue() - if createErr != nil { - logs.Error("Failed to synchronize issue data of cve, err: ", createErr) + cError := task.CreateIssue() + if cError != nil { + logs.Error("CreateIssue, cError: ", cError) } comErr := AddIssueComment(token, owner, path, issueHook.Issue.Number, issueHook.Issue.User.UserName, issueHook.Issue.Id) logs.Info("CreateIssueToGit, Issue comment creation result, err: ", comErr) - return createErr + return comErr } func AddIssueComment(token, owner, path, issueNum, assignee string, issueId int64) error { diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 9576b48bcc6f1ab3e9d4f3b350fd0ac60d562c40..0a7e1da335c867dd41002e8fe143393e147a630f 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -99,7 +99,7 @@ func QueryOriginCveIssue(prcnum int) ([]GiteOriginIssue, int64, error) { logs.Info("QueryOriginCveIssue, cve_gite_origin_issue, search result: ", num) } else { logs.Error("QueryOriginCveIssue, There are currently no new or updated issues, cve_gite_origin_issue, cur_time:", - common.GetCurTime(), ",err: ", err) + common.GetCurTime(), ",err: ", err, gs) } return gs, num, err } diff --git a/cve-vulner-manager/models/giteeissue.go b/cve-vulner-manager/models/giteeissue.go index b9153daaf57a37c4598d5885d2951ea8e3768ef0..2ac700fde84d0d99a405ed587bf35750d62d2ab5 100644 --- a/cve-vulner-manager/models/giteeissue.go +++ b/cve-vulner-manager/models/giteeissue.go @@ -136,7 +136,7 @@ func (g *GiteOriginIssue) ParseToLoophole() (hole Loophole, err error) { scoreType, err := judgeScoreType(g.Body) if err != nil { logs.Error(err, "judgeScoreType, body: ", g.Body) - return lp, err + //return lp, err } lp.ScoreType = scoreType if isNewTpl(g.Body) { diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go index a66bb24cc36103e89cb58a6fed40ebd101b17ed4..43631b407897c77dc0db7c298a4ec62dfd2720b3 100644 --- a/cve-vulner-manager/models/modeldb.go +++ b/cve-vulner-manager/models/modeldb.go @@ -37,7 +37,7 @@ type VulnCenter struct { CveId int64 `orm:"pk;auto;column(cve_id)"` CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` Description string `orm:"type(text);column(cve_desc)" description:"cve描述"` - CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` + CveLevel string `orm:"size(32);column(cve_level)" description:"nvd 致命(Critical);严重(High);中等(Medium);一般(Low);其他"` Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求); 5:issue已经创建过,不符合要求,不处理;6:字段为空(评分,描述等);7:issue已被删除不再创建;8:分支和版本信息不想符合"` CveVersion string `orm:"size(512);column(cve_version)" description:"cve归属版本,版本合并"` @@ -171,7 +171,7 @@ type IssueTemplate struct { Milestone string `orm:"size(64);column(milestone);null" description:"里程碑序号"` Program string `orm:"size(64);column(program);null" description:"项目编号"` SecurityHole int8 `orm:"default(0);column(security_hole)" description:"是否是私有issue"` - CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` + CveLevel string `orm:"size(32);column(cve_level)" description:"openEuler 致命(Critical);严重(High);中等(Medium);一般(Low);其他"` CommentId int64 `orm:"column(comment_id);null" description:"首条评论id"` ErrorDescription string `orm:"size(64);column(error_description);null" description:"cve错误信息,cve与当前仓库错误信息保存"` SecLink string `orm:"size(512);column(sec_link)" description:"sa安全链接"` @@ -500,7 +500,7 @@ type GiteOriginIssue struct { IssueType string `json:"issue_type" description:"issue 类型"` IssueExistTpl bool `json:"issue_exist_tpl" description:"此 issue 是否有对应的模板"` SecurityHole bool `json:"security_hole" description:"是否为安全漏洞"` - Status int8 `orm:"default(0);column(proc_status)" description:"0:cve新增;1:数据已变化;2:数据已处理"` + Status int8 `orm:"default(0);column(proc_status)" description:"0:cve新增;1:数据已变化;2:数据已处理;3:数据错误"` IssueCreateAt time.Time `json:"issue_create_at" orm:"null" description:"issue 创建的时间"` IssueUpdateAt time.Time `json:"issue_update_at" orm:"null" description:"issue 更新的时间"` IssueFinishAt time.Time `json:"issue_finish_at" orm:"null" description:"issue 关闭的时间"` @@ -934,6 +934,25 @@ type OriginUpstreamRecord struct { CreateTime string `orm:"size(32);column(create_time)"` } +type OpenLookengSecurityReviewer struct { + Id int64 `orm:"pk;auto"` + NameSpace string `orm:"unique" description:"码云空间地址"` + Status int8 `orm:"default(0);column(status)" description:"0: 全部;1:审核人"` +} + +type OpenLookengYaml struct { + Id int64 `orm:"pk;auto"` + Repo string `orm:"column(repo_name);size(256)" description:"仓名称"` + PackageName string `orm:"column(package_name);size(256)" description:"第三方包名称"` + Version string `orm:"size(64);column(version);index" description:"版本号"` + OriginUrl string `orm:"size(512);column(origin_url)" description:"gitee上的地址"` + Status int8 `orm:"default(1);column(status)" description:"1:正常;2:已删除"` + CpeName string `orm:"type(text);column(cpe_name)" description:"cpe的名称"` + CreateTime string `orm:"size(32);column(create_time)"` + UpdateTime string `orm:"size(32);column(update_time);null"` + DeleteTime string `orm:"size(32);column(delete_time);null"` +} + func CreateDb() bool { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { @@ -972,6 +991,7 @@ func CreateDb() bool { new(OpenEulerRepoOrigin), new(OpenGaussSecurityReviewer), new(MindSporeYaml), new(MindSporeSecurityReviewer), new(MindSporeBrandTags), new(OriginUpstreamRecord), + ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) diff --git a/cve-vulner-manager/models/uploadcve.go b/cve-vulner-manager/models/uploadcve.go index 3d4eb0b78eaac3ea5968714ae42b75237e5bd2a4..5c17222303dd4dacac8a466bc335881088bf7664 100644 --- a/cve-vulner-manager/models/uploadcve.go +++ b/cve-vulner-manager/models/uploadcve.go @@ -176,14 +176,19 @@ func QueryCveOpeneulerdata(ge *GitOpenEuler) bool { return true } -func QueryCveOpeneulerDetaildataByName(pkgName, versions string) (GitPackageInfo, bool) { +func QueryCveOpeneulerDetaildataByName(pkgName, versions string) (goe GitPackageInfo, bl bool) { o := orm.NewOrm() - var goe GitPackageInfo - err := o.Raw("select * from cve_git_package_info where package_name = ? and version = ? and status = ? "+ - "order by detail_id limit 1", pkgName, versions, 0).QueryRow(&goe) + err := error(nil) + if versions == "" || len(versions) == 0 { + err = o.Raw("select * from cve_git_package_info where package_name = ? and status = ? "+ + "order by detail_id desc limit 1", pkgName, 0).QueryRow(&goe) + } else { + err = o.Raw("select * from cve_git_package_info where package_name = ? and version = ? and status = ? "+ + "order by detail_id desc limit 1", pkgName, versions, 0).QueryRow(&goe) + } if err != nil { - logs.Info("QueryCveOpeneulerDetaildataByName, cve_git_package_info, pkgName: ", pkgName, ", versions: ", versions, - ", No corresponding data") + logs.Error("QueryCveOpeneulerDetaildataByName, cve_git_package_info, pkgName: ", pkgName, ", versions: ", versions, + ", No corresponding data, err: ", err) return goe, false } else { logs.Info("QueryCveOpeneulerDetaildataByName, cve_git_package_info, pkgName: ", pkgName, ", versions: ", versions, diff --git a/cve-vulner-manager/task/issuetask.go b/cve-vulner-manager/task/issuetask.go index 589347323ca4e55e69b35b376b0e864178555364..0aca68c502e016ab284059b79631f2e53a80c9e5 100644 --- a/cve-vulner-manager/task/issuetask.go +++ b/cve-vulner-manager/task/issuetask.go @@ -149,7 +149,7 @@ compareRes: return branchFlag } -func addUnlimitedIssue(beforeTime string, prcnum int, years, toolYears, manYears int) error { +func addUnlimitedIssue(beforeTime string, prcnum, years, toolYears, manYears, flag int) error { for ; ; { cveData, err := models.QueryIssue(beforeTime, prcnum) if err == nil && len(cveData) > 0 { @@ -209,11 +209,13 @@ func addUnlimitedIssue(beforeTime string, prcnum int, years, toolYears, manYears ErrorCveStatistics("CVE已经在官网展示, 已修复", issueValue, 1) continue } - if issueValue.Status == 0 { + if issueValue.Status == 0 && flag != 2 { branchBool := CheckCveIssueBranch(issueValue.PackName, issueValue.CveVersion) if !branchBool { models.UpdateIssueStatus(issueValue, 8) - logs.Info("addUnlimitedIssue, The current repo branch and version information do not match, cveData: ", issueValue) + logs.Info("addUnlimitedIssue, "+ + "The current repo branch and version information do not match, "+ + "cveData: ", issueValue) ErrorCveStatistics("仓库分支和版本信息不想符合", issueValue, 2) continue } @@ -477,7 +479,7 @@ func CreateIssue() error { logs.Info("The execution of the issue task of creating cve ends. . .") return limitErr } else { - unlimitErr := addUnlimitedIssue(beforeTime, prcnum, years, toolYears, manYears) + unlimitErr := addUnlimitedIssue(beforeTime, prcnum, years, toolYears, manYears, 1) logs.Info("CreateIssue, addUnlimitedIssue, err: ", unlimitErr) logs.Info("The execution of the issue task of creating cve ends. . .") return unlimitErr @@ -825,7 +827,7 @@ func EmgCreateIssue() error { logs.Info("The execution of the issue task of creating cve ends. . .") return limitErr } else { - unlimitErr := addUnlimitedIssue(beforeTime, prcnum, years, toolYears, manYears) + unlimitErr := addUnlimitedIssue(beforeTime, prcnum, years, toolYears, manYears, 1) logs.Info("CreateIssue, addUnlimitedIssue, err: ", unlimitErr) logs.Info("The execution of the issue task of creating cve ends. . .") return unlimitErr diff --git a/cve-vulner-manager/task/synccve.go b/cve-vulner-manager/task/synccve.go index 429cb8f5d0faa2c481e9fc265cd8b096c978e8f7..88ffd56d9152dae31b348c1bbf65770be223263d 100644 --- a/cve-vulner-manager/task/synccve.go +++ b/cve-vulner-manager/task/synccve.go @@ -103,7 +103,7 @@ func SyncCreateIssue() error { logs.Info("The execution of the issue task of creating cve ends. . .") return limitErr } else { - unlimitErr := addUnlimitedIssue(beforeTime, prcnum, years, toolYears, manYears) + unlimitErr := addUnlimitedIssue(beforeTime, prcnum, years, toolYears, manYears, 1) logs.Info("CreateIssue, addUnlimitedIssue, err: ", unlimitErr) logs.Info("The execution of the issue task of creating cve ends. . .") return unlimitErr diff --git a/cve-vulner-manager/taskhandler/common.go b/cve-vulner-manager/taskhandler/common.go index b7d5e5415a4c4ff5d2c3872bb0e845c39d93b5ae..5320108b0f556eddc60b868c245555dd9dfe5265 100644 --- a/cve-vulner-manager/taskhandler/common.go +++ b/cve-vulner-manager/taskhandler/common.go @@ -704,6 +704,10 @@ func CreateIssueBody(accessToken, owner, path, assignee string, if err != nil { floatOpenEulerScore = 0.0 } + nvdScore, err := strconv.ParseFloat(score, 64) + if err != nil { + nvdScore = 0.0 + } cveAnalysis := "" if its.CveAnalysis != "" && len(its.CveAnalysis) > 1 { cveAnalysis = strings.Replace(its.CveAnalysis, "\n", "", -1) @@ -770,6 +774,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, } cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" cve.CveDetailUrl = "https://nvd.nist.gov/vuln/detail/" + cve.CveNum + cve.CveLevel = models.OpenEulerScoreProc(nvdScore) if flag == 1 { if floatOpenEulerScore > 0.0 || (its.OpenEulerVector != "" && len(its.OpenEulerVector) > 1) { nveScore := score + " " + cve.CveLevel diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index 940dda833a4abfffdc7833161e149f872709265c..0c429bd04f81871c7c8c5af9e42d07d067631403 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -1904,6 +1904,7 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler if !ok || goe.DetailId == 0 { logs.Error("Failed to get data, ", "Components: ", hole.Components, ",Version: ", hole.Version) } + hole.Version = goe.Version if cveData.State != "" && (strings.ToLower(cveData.State) == "rejected" || cveData.State == "已拒绝") { logs.Info("Process data whose issue status is rejected:", cveData) cvd, ok := models.QueryCveByNum(cveData.CveNumber, cveData.RepoPath, hole.Version, organizationID) @@ -2104,7 +2105,7 @@ func GetCveIssueData(prcnum, days, openeulernum int, cveRef, owner string, openF count := 0 for { gs, num, err := models.QueryOriginCveIssue(prcnum) - if err != nil || num == 0 { + if num == 0 { logs.Info("There is currently no cveissue raw data processing, err: ", err, ", curtime: ", common.GetCurTime()) break diff --git a/cve-vulner-manager/util/parsepayload.go b/cve-vulner-manager/util/parsepayload.go index 788c9054c435430ca8d9ea07d908b899c329dfa5..a06df64dc4521db152981bce5f1ee1bc1df3c4cb 100644 --- a/cve-vulner-manager/util/parsepayload.go +++ b/cve-vulner-manager/util/parsepayload.go @@ -53,6 +53,8 @@ var ( CvsScoreV3 = "v3" //CvsScoreV2 nveScoreType V2 CvsScoreV2 = "v2" + // Regular match CVE information + RegexpCveNumVaule = regexp.MustCompile(`CVE-\d+-\d+`) //RegexpCveNumber cveNum extract regexp RegexpCveNumber = regexp.MustCompile(`漏洞编号[::](?s:(.*?))漏洞归属组件[::]`) regexpCveNumberLink = regexp.MustCompile(`\[(.*?)\]\((.*?)\)`) @@ -79,7 +81,7 @@ var ( //RegexpCveInfluencesVersion influences version regexp RegexpCveInfluencesVersion = regexp.MustCompile(`受影响版本[::](?s:(.*?))规避方案或消减措施[::]`) //RegexpCveInfluencesVersionNew new tpl influences version regexp - RegexpCveInfluencesVersionNew = regexp.MustCompile(`受影响版本排查\(受影响/不受影响\)[::](?s:(.*?))$`) + RegexpCveInfluencesVersionNew = regexp.MustCompile(`受影响版本排查\(受影响/不受影响\)[::](?s:(.*?))$`) RegexpCveInfluencesVersionFixNew = regexp.MustCompile(`受影响版本排查\(受影响/不受影响\)[::](?s:(.*?))三、漏洞修复`) //RegexpCvePlannedMeasures the cve planned measures regexp RegexpCvePlannedMeasures = regexp.MustCompile(`规避方案或消减措施[::](?s:(.*?))受影响的包[::]`) @@ -107,7 +109,7 @@ var ( //RegexpCveAbiVersionNew new tpl influences version regexp RegexpCveAbiVersionNew = regexp.MustCompile(`受影响版本排查\(受影响/不受影响\)[::](?s:(.*?))(修复)?是否涉及abi变化\(是/否\)[::]`) //RegexpCveAbiNew new tpl influences version regexp - RegexpCveAbiNew = regexp.MustCompile(`[修复]?是否涉及abi变化\(是/否\)[::](?s:(.*?))$`) + RegexpCveAbiNew = regexp.MustCompile(`[修复]?是否涉及abi变化\(是/否\)[::](?s:(.*?))$`) RegexpCveAbiFixNew = regexp.MustCompile(`[修复]?是否涉及abi变化\(是/否\)[::](?s:(.*?))三、漏洞修复`) )