This ebuild installs a few perl scripts that helps with intergration of nessus reports into the prelude framework.
Created attachment 10918 [details] Eduild file
Althought the scripts doesn't need libprelude itself, it would be nice if libprelude/prelude-manager could be installed the gentoo-way to simplify maintainence.
Stop the press! Found a bug (or a few) that causes the nessus client to dump core! I am fixing the patch as we speak and will upload a new patch to this bug once the bug has been squashed. Thanks!
Its been a month, have you found an update for this yet?
No, the patch is still pending. What I could do is to commit another way to load nessus results, but that one inserts the alerts straight into database without using the prelude API, so it is not a very clean solution. I'll get some time tonight to start investigate this on my own..
A quick update on this issue: With the help of Yoann (prelude author) the show stopper bug was squashed. However, as insecure coding practices was detected in the patch, Yoann opted for re-writing the patch from scratch (~1000 lines). As soon as Yoann has re-written the patch I'll submit a new ebuild for it.
Yoann has written the patch for this, but he wanted to wait just a little while before sharing with the world. That was a week or two ago and he might be ready now.
Hi Michael, since the author didn't version is scripts, I just took a snapshot and sent that to distfiles, taking the release date as version number. The package should be available soon as net-analyzer/prelude-nessus. Since I don't know prelude at all and therefore don't understand much beyond your comment #1, I'd like to know if you think this bug can be closed now.
Please dont close this bug yet until mboman has had a chance to confirm that the non exploitable version got commited.
Oh, I thought that this patching business was about prelude itself, not about these perl scripts which are 639 lines total - a 1000 lines patch for that? A bit confusing. Should I mask the just committed package?
Comment on attachment 10918 [details] Eduild file Sorry for the confusion. This was the ebuild for the perl scripts that loads the report straight into DB. Will soon (a couple of hours at most) upload new ebuild and patch file for nessus. I haven't seen Yoann's re-worked patch yet so I'll use the one that was fixed.
Created attachment 16152 [details, diff] Patch against current nessus-core-2.0.7.ebuild I opted to supply a patch instead of complete ebuild. Very small changes to the ebuild actually ;)
Created attachment 16153 [details, diff] The patch that fixes the upstream patch.. This is a patch that fixes the heap corruption / buffer overflow that exists in the original patch.
Sorry, I am a bit confused. Just to make sure I got this right: - there are some perl scripts which allow nessus scan reports to be put into some DB for prelude (done) - there are patches for nessus which somehow make nessus usable/better usable with prelude (not done) - these patches are a bit broken and need to be patched (not done) Is this correct?
> - there are some perl scripts which allow nessus scan reports to be put into > some DB for prelude (done) Yes, but they reqire direct access to the database, instead just a connection to the manager. It does make a differance when it comes to a large distributed envirotment. > - there are patches for nessus which somehow make nessus usable/better usable > with prelude (not done) These patches are done. Ok, they won't win a beauty contest, and they are broken, but they are there.. > - these patches are a bit broken and need to be patched (not done) Correct, the upstream patches are broken. The upstream patches are fixed (patched) by attachment 16153 [details, diff] (the "The patch that fixes the upstream patch.." file linked above). Somehow I have problem compiling nessus 2.0.7 on my development box. If you just rename the patched ebuild to a 2.0.6a-rX release it works fine thought. I think the nessus upstream is borked (less probability), or my development machine is borked (higher probability). I hope this clear up the confusion. If not please post another bug note ;)
Put 2.0.7-r1 into portage - solar, could you please test how it works with prelude? I have no clue of it. Just tried a nessus run, seems to function as usual.
Regarding it as fixed - please reopen if there are problems.
