Thomas Shone
Thomas Shone
@enygma For the ubuntu distributions, we could parse `https://launchpad.net/ubuntu/+source/php5/` and loop through the security branches (e.g.: `https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.4` then `https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.3`, etc) and regex match against CVE-\d{4/}-\d{2}. Then we build up a...
@enygma, I've put a prototype up here https://github.com/xsist10/versionscan/tree/ubuntu-releases if you care to give it a look. Test like so: ``` # 2 failures /bin/versionscan scan --php-version="5.5.9-1ubuntu4.4" # 4 failures /bin/versionscan...
Added the ubuntu scrapper to the gist with the check scrapper: https://gist.github.com/xsist10/f623f03634c73a8ad0ac
I think we may need to build a list of patch masks. I've come across the following already: - 5.5.12-2ubuntu4 - 5.5.12+dfsg-2ubuntu4 - 5.4.4-14+deb7u12 - 5.6.0-1+deb.sury.org~trusty+1 The last was on...
Sorry about the delay. Here are the Debian patches. Just need to put together the redhat versions. Give it a test here: https://github.com/xsist10/versionscan/tree/ubuntu-releases ``` # 10 failures ./bin/versionscan scan --php-version="5.4.4-14+deb7u12"...
Added Redhat versions. I'll clean up the scrapers so anyone can update the files. ``` # 17 failures .bin/versionscan scan --php-version php-5.4.16 # 4 failures .bin/versionscan scan --php-version php-5.4.16-23.el7_0 ```
Pull request https://github.com/psecio/versionscan/pull/7
Gist has been updated with Debian and Redhat scrappers (warning, they could take a couple of runs to finish if Kimono decides to block your requests after too many). https://gist.github.com/xsist10/f623f03634c73a8ad0ac
What does $ php --version return? Same response or a more useful tag? On 24 Jan 2015 9:48 AM, "Remi Collet" [email protected] wrote: > Notice, on RHEL/Fedora/CentOS, PHP_VERSION is upstream...
We could definitely include that for systems that detect the `rpm` package manager. We'd need to just have an over-ride so if a custom version is specified using the `--php-version=4.3.2`...