vuln ---- Description =========== * Raise an alert if an installed package version is in a version range * If the package is not installed, do not raise an alert Example rule ============ :: [ { "pkgname": "kernel", "minver": "2.6.18-238.19.1.el5", "firstver": "2.6.18-238" }, { "pkgname": "kernel-xen", "minver": "2.6.18-238.19.1.el5" } ] Form definition =============== :: Desc: | A rule defining a list of vulnerable packages and their minimum release version fixing the vulnerability. Css: comp48 Outputs: - Dest: compliance variable Type: json Format: list of dict Class: vuln Inputs: - Id: pkgname Label: Package name DisplayModeLabel: pkgname LabelCss: pkg16 Mandatory: Yes Type: string Help: The package name, as known to the target system's package manager. - Id: firstver Label: First vulnerable version DisplayModeLabel: firstver LabelCss: pkg16 Mandatory: No Type: string Help: The first vulnerable package version. In the security context, the package version introducing the vulnerability. - Id: minver Label: Minimum version DisplayModeLabel: minver LabelCss: pkg16 Mandatory: Yes Type: string Help: The package minimum version. In the security context, the package version fixing the vulnerability.