update project

05a77a37 · thl-cmk · 20246898 · 05a77a37 · 05a77a37 · 05a77a37
Commit 05a77a37 authored 2 years ago by thl-cmk
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -97,4 +97,4 @@ IMPORTANT: If you update from a previous version, you need first to uninstall th
 2022-05-06: BAKERY: fixed not enough values to unpack in exclude_paths_bulk (THX to Rene Calmer[at]forum.checkmk.com)
 2022-10-24: replace "\n" with "\N" in detail output to avoid linebreaks in file names with "\n" (usually in Windows only)
 2022-11-30: WATO: fixed CheckParameterRulespecWithoutItem (from CheckParameterRulespecWithItem)
+2023-02-17: fixed non digit version string handling i.e: "1.2.17-cloudera1"
--- a/agent_based/cve_2021_44228_log4j.py
+++ b/agent_based/cve_2021_44228_log4j.py
@@ -32,7 +32,7 @@
 # 2022-02-07: added state_not_fixed option for per cve plugin
 # 2022-02-14: added files_safe counter
 # 2022-10-24: replace "\n" with "\N" in details output to avoid linebreaks in filenames with "\n" (usually in Windows only)
-#
+# 2023-02-17: fixed non digit version string handling i.e: "1.2.17-cloudera1"
 # sample agent output
 # <<<cve_2021_44228_log4j:sep(0);cached(1639746030,600)>>>
@@ -565,16 +565,20 @@ def _get_affected(version: str, affected: str) -> bool:
    _version = version.split('.')
    _affected = affected.split('.')
-    if int(_version[0]) < int(_affected[0]):
+    if not _version[2].isdigit():
-        return True
+        _version[2] = _version[2].split('-')[0]
-    elif int(_version[0]) > int(_affected[0]):
-        return False
+    if _version[0].isdigit() and _version[1].isdigit() and _version[2].isdigit():
-    elif int(_version[1]) < int(_affected[1]):
+        if int(_version[0]) < int(_affected[0]):
-        return True
+            return True
-    elif int(_version[1]) > int(_affected[1]):
+        elif int(_version[0]) > int(_affected[0]):
-        return False
+            return False
-    elif int(_version[2]) <= int(_affected[2]):
+        elif int(_version[1]) < int(_affected[1]):
-        return True
+            return True
+        elif int(_version[1]) > int(_affected[1]):
+            return False
+        elif int(_version[2]) <= int(_affected[2]):
+            return True
    return False

--- a/cve_2021_44228_log4j.mkp
+++ b/cve_2021_44228_log4j.mkp
--- a/packages/cve_2021_44228_log4j
+++ b/packages/cve_2021_44228_log4j
@@ -35,9 +35,8 @@
                   'plugins/wato/cve_2021_44228_log4j.py',
                   'plugins/views/inv_cve_2021_22448_log4j.py']},
 'name': 'cve_2021_44228_log4j',
- 'num_files': 9,
 'title': 'CVE-2021-44228-log4j scanner plugin',
- 'version': '20221130.v0.1.4c',
+ 'version': '20230217.v0.1.4d',
 'version.min_required': '2.0.0',
- 'version.packaged': '2021.09.20',
+ 'version.packaged': '2.1.0p21',
 'version.usable_until': None}
\ No newline at end of file