nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-05-20 10:34:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: Remove display of past vulnerabilities

Browse Source 
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This commit is contained in:
James Valleroy 2021-08-23 07:59:34 -04:00 committed by Sunil Mohan Adapa
parent efa615201b
commit 4b51396860
No known key found for this signature in database
GPG Key ID: 43EA1CFF0AA7C5F2
2 changed files with 5 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
plinth/modules/security/__init__.py
View File

@ -7,7 +7,6 @@ import re
import subprocess import subprocess
from collections import defaultdict from collections import defaultdict
import requests
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from plinth import actions from plinth import actions
@ -109,12 +108,6 @@ def get_apps_report():
(label, package, *_) = line.split() (label, package, *_) = line.split()
cves[label].add(package) cves[label].add(package)
try:
past_cves = requests.get(
'https://security-tracker.debian.org/tracker/data/json').json()
except Exception:
past_cves = None
service_exposure_lines = subprocess.check_output( service_exposure_lines = subprocess.check_output(
['systemd-analyze', 'security']).decode().strip().split('\n') ['systemd-analyze', 'security']).decode().strip().split('\n')
service_exposure_lines.pop(0) service_exposure_lines.pop(0)
@ -130,12 +123,8 @@ def get_apps_report():
'name': 'freedombox', 'name': 'freedombox',
'packages': {'freedombox'}, 'packages': {'freedombox'},
'vulns': 0, 'vulns': 0,
'past_vulns': 0 if past_cves else None,
} }
} }
if past_cves and 'freedombox' in past_cves:
apps['freedombox']['past_vulns'] = len(past_cves['freedombox'])
for module_name, module in module_loader.loaded_modules.items(): for module_name, module in module_loader.loaded_modules.items():
try: try:
packages = module.managed_packages packages = module.managed_packages
@ -155,14 +144,9 @@ def get_apps_report():
'name': module_name, 'name': module_name,
'packages': set(packages), 'packages': set(packages),
'vulns': 0, 'vulns': 0,
'past_vulns': 0 if past_cves else None,
'sandboxed': None, 'sandboxed': None,
} }
for package in packages:
if past_cves and package in past_cves:
apps[module_name]['past_vulns'] += len(past_cves[package])
if services: if services:
apps[module_name]['sandboxed'] = False apps[module_name]['sandboxed'] = False
for service in services: for service in services:

12
plinth/modules/security/templates/security_report.html
View File

@ -17,11 +17,11 @@
</p> </p>
<p> <p>
{% blocktrans trimmed %} {% blocktrans trimmed %}
The following table lists the current reported number, and historical The following table lists the current reported number of
count, of security vulnerabilities for each installed app. security vulnerabilities for each installed app. More
More information on the vulnerabilities can be found on the information on the vulnerabilities can be found on the
<a href="https://security-tracker.debian.org/tracker/">Debian Security <a href="https://security-tracker.debian.org/tracker/">Debian
Bug Tracker</a>. Security Bug Tracker</a>.
{% endblocktrans %} {% endblocktrans %}
</p> </p>
<p> <p>
@ -44,7 +44,6 @@
<tr> <tr>
<th>{% trans "App Name" %}</th> <th>{% trans "App Name" %}</th>
<th>{% trans "Current Vulnerabilities" %}</th> <th>{% trans "Current Vulnerabilities" %}</th>
<th>{% trans "Past Vulnerabilities" %}</th>
<th>{% trans "Sandboxed" %}</th> <th>{% trans "Sandboxed" %}</th>
<th>{% trans "Sandbox Coverage" %}</th> <th>{% trans "Sandbox Coverage" %}</th>
</tr> </tr>
@ -54,7 +53,6 @@
<tr> <tr>
<td>{{ app.name }}</td> <td>{{ app.name }}</td>
<td>{{ app.vulns }}</td> <td>{{ app.vulns }}</td>
<td>{{ app.past_vulns|default_if_none:"❗"}}</td>
<td> <td>
{% if app.sandboxed is None %} {% if app.sandboxed is None %}
{% trans "N/A" %} {% trans "N/A" %}