codesake-dawn 0.50 → 0.60

data/lib/codesake/dawn/knowledge_base.rb

@@ -2,6 +2,7 @@
 require "codesake/dawn/kb/basic_check"
 require "codesake/dawn/kb/pattern_match_check"
 require "codesake/dawn/kb/dependency_check"
+require "codesake/dawn/kb/ruby_version_check"
 
 # Q&A related checks
 require "codesake/dawn/kb/not_revised_code"
@@ -19,12 +20,37 @@ require "codesake/dawn/kb/cve_2012_6496"
 require "codesake/dawn/kb/cve_2012_6497"
 
 # CVE - 2013
+require "codesake/dawn/kb/cve_2013_0155"
+require "codesake/dawn/kb/cve_2013_0156"
+require "codesake/dawn/kb/cve_2013_0175"
+require "codesake/dawn/kb/cve_2013_0233"
+require "codesake/dawn/kb/cve_2013_0269"
+require "codesake/dawn/kb/cve_2013_0276"
+require "codesake/dawn/kb/cve_2013_0277"
+require "codesake/dawn/kb/cve_2013_0284"
+require "codesake/dawn/kb/cve_2013_0285"
+require "codesake/dawn/kb/cve_2013_0333"
+require "codesake/dawn/kb/cve_2013_1655"
+require "codesake/dawn/kb/cve_2013_1656"
+require "codesake/dawn/kb/cve_2013_1800"
+require "codesake/dawn/kb/cve_2013_1801"
+require "codesake/dawn/kb/cve_2013_1802"
+require "codesake/dawn/kb/cve_2013_1821"
+require "codesake/dawn/kb/cve_2013_1854"
 require "codesake/dawn/kb/cve_2013_1855"
+require "codesake/dawn/kb/cve_2013_1856"
 require "codesake/dawn/kb/cve_2013_1857"
-require "codesake/dawn/kb/cve_2013_1800"
-require "codesake/dawn/kb/cve_2013_0333"
-require "codesake/dawn/kb/cve_2013_0269"
-require "codesake/dawn/kb/cve_2013_0155"
+require "codesake/dawn/kb/cve_2013_1875"
+require "codesake/dawn/kb/cve_2013_1898"
+require "codesake/dawn/kb/cve_2013_1911"
+require "codesake/dawn/kb/cve_2013_1933"
+require "codesake/dawn/kb/cve_2013_1947"
+require "codesake/dawn/kb/cve_2013_1948"
+require "codesake/dawn/kb/cve_2013_2615"
+require "codesake/dawn/kb/cve_2013_2616"
+require "codesake/dawn/kb/cve_2013_2617"
+require "codesake/dawn/kb/cve_2013_3221"
+
 
 module Codesake
   module Dawn
@@ -33,6 +59,7 @@ module Codesake
 
       DEPENDENCY_CHECK    = :dependency_check
       PATTERN_MATCH_CHECK = :pattern_match_check
+      RUBY_VERSION_CHECK  = :ruby_version_check
 
       def initialize
         @security_checks = Codesake::Dawn::KnowledgeBase.load_security_checks
@@ -91,12 +118,36 @@ module Codesake
           Codesake::Dawn::Kb::CVE_2012_3465.new, 
           Codesake::Dawn::Kb::CVE_2012_6496.new, 
           Codesake::Dawn::Kb::CVE_2012_6497.new,
-          Codesake::Dawn::Kb::CVE_2013_1855.new, 
-          Codesake::Dawn::Kb::CVE_2013_1800.new,
-          Codesake::Dawn::Kb::CVE_2013_0333.new,
+          Codesake::Dawn::Kb::CVE_2013_0155.new,
+          Codesake::Dawn::Kb::CVE_2013_0156.new,
+          Codesake::Dawn::Kb::CVE_2013_0175.new,
+          Codesake::Dawn::Kb::CVE_2013_0233.new,
           Codesake::Dawn::Kb::CVE_2013_0269.new,
+          Codesake::Dawn::Kb::CVE_2013_0276.new,
+          Codesake::Dawn::Kb::CVE_2013_0277.new,
+          Codesake::Dawn::Kb::CVE_2013_0284.new,
+          Codesake::Dawn::Kb::CVE_2013_0285.new,
+          Codesake::Dawn::Kb::CVE_2013_0333.new,
+          Codesake::Dawn::Kb::CVE_2013_1655.new,
+          Codesake::Dawn::Kb::CVE_2013_1656.new,
+          Codesake::Dawn::Kb::CVE_2013_1800.new,
+          Codesake::Dawn::Kb::CVE_2013_1801.new,
+          Codesake::Dawn::Kb::CVE_2013_1802.new,
+          Codesake::Dawn::Kb::CVE_2013_1821.new,
+          Codesake::Dawn::Kb::CVE_2013_1854.new, 
+          Codesake::Dawn::Kb::CVE_2013_1855.new, 
+          Codesake::Dawn::Kb::CVE_2013_1856.new, 
           Codesake::Dawn::Kb::CVE_2013_1857.new, 
-          Codesake::Dawn::Kb::CVE_2013_0155.new,
+          Codesake::Dawn::Kb::CVE_2013_1875.new, 
+          Codesake::Dawn::Kb::CVE_2013_1898.new, 
+          Codesake::Dawn::Kb::CVE_2013_1911.new, 
+          Codesake::Dawn::Kb::CVE_2013_1933.new, 
+          Codesake::Dawn::Kb::CVE_2013_1947.new, 
+          Codesake::Dawn::Kb::CVE_2013_1948.new, 
+          Codesake::Dawn::Kb::CVE_2013_2615.new, 
+          Codesake::Dawn::Kb::CVE_2013_2616.new, 
+          Codesake::Dawn::Kb::CVE_2013_2617.new, 
+          Codesake::Dawn::Kb::CVE_2013_3221.new, 
         ]
       end
     end

data/lib/codesake/dawn/version.rb

@@ -1,5 +1,5 @@
 module Codesake
   module Dawn
-    VERSION = "0.50"
+    VERSION = "0.60"
   end
 end

data/spec/lib/dawn/codesake_knowledgebase_spec.rb

@@ -96,5 +96,135 @@ describe "The Codesake Dawn knowledge base" do
     sc.class.should == Codesake::Dawn::Kb::CVE_2012_3465
   end
 
+  it "must have test for CVE_2013_1854" do
+    sc = kb.find("CVE-2013-1854")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1854
+  end
+
+  it "must have test for CVE_2013_1856" do
+    sc = kb.find("CVE-2013-1856")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1856
+  end
+
+  it "must have test for CVE_2013_0276" do
+    sc = kb.find("CVE-2013-0276")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0276
+  end
+
+  it "must have test for CVE_2013_0277" do
+    sc = kb.find("CVE-2013-0277")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0277
+  end
+
+  it "must have test for CVE_2013_0156" do
+    sc = kb.find("CVE-2013-0156")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0156
+  end
+
+  it "must have test for CVE-2013-2615" do
+    sc = kb.find("CVE-2013-2615")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_2615
+  end
+
+  it "must have test for CVE-2013-1875" do
+    sc = kb.find("CVE-2013-1875")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1875
+  end
+
+  it "must have test for CVE-2013-1655" do
+    sc = kb.find("CVE-2013-1655")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1655
+  end
+  it "must have test for CVE-2013-1656" do
+    sc = kb.find("CVE-2013-1656")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1656
+  end
+
+  it "must have test for CVE-2013-0175" do
+    sc = kb.find("CVE-2013-0175")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0175
+  end
+  it "must have test for CVE-2013-0233" do
+    sc = kb.find("CVE-2013-0233")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0233
+  end
+  it "must have test for CVE-2013-0284" do
+    sc = kb.find("CVE-2013-0284")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0284
+  end
+  it "must have test for CVE-2013-0285" do
+    sc = kb.find("CVE-2013-0285")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_0285
+  end
+  it "must have test for CVE-2013-1801" do
+    sc = kb.find("CVE-2013-1801")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1801
+  end
+  it "must have test for CVE-2013-1802" do
+    sc = kb.find("CVE-2013-1802")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1802
+  end
+  it "must have test for CVE-2013-1821" do
+    sc = kb.find("CVE-2013-1821")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1821
+  end
+  it "must have test for CVE-2013-1898" do
+    sc = kb.find("CVE-2013-1898")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1898
+  end
+  it "must have test for CVE-2013-1911" do
+    sc = kb.find("CVE-2013-1911")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1911
+  end
+  it "must have test for CVE-2013-1933" do
+    sc = kb.find("CVE-2013-1933")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1933
+  end
+  it "must have test for CVE-2013-1947" do
+    sc = kb.find("CVE-2013-1947")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1947
+  end
+  it "must have test for CVE-2013-1948" do
+    sc = kb.find("CVE-2013-1948")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_1948
+  end
+  it "must have test for CVE-2013-2616" do
+    sc = kb.find("CVE-2013-2616")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_2616
+  end
+  it "must have test for CVE-2013-2617" do
+    sc = kb.find("CVE-2013-2617")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_2617
+  end
+  it "must have test for CVE-2013-3221" do
+    sc = kb.find("CVE-2013-3221")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2013_3221
+  end
+
+
 
 end

data/spec/lib/dawn/codesake_rails_engine_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+describe "The Codesake::Dawn engine for rails applications" do
+  before(:all){@engine = Codesake::Dawn::Rails.new}
+
+  it "detects the version used in the hello_world_3.1.0 application" do
+    @engine.set_target("./spec/support/hello_world_3.1.0")
+    @engine.ruby_version[:version].should == RUBY_VERSION
+    @engine.ruby_version[:patchlevel].should == "p#{RUBY_PATCHLEVEL}"
+  end
+
+end

data/spec/lib/dawn/codesake_sinatra_engine_spec.rb

@@ -60,6 +60,10 @@ describe "The Codesake::Dawn engine for sinatra applications" do
       @engine.target_is_dir?.should  be_true
     end
 
+    it "detects running ruby as the one to be checked against" do
+      @engine.ruby_version[:version].should == RUBY_VERSION
+    end
+
     it "reports it's vulnerable to CVE-2013-1800" do
       @engine.is_vulnerable_to?("CVE-2013-1800").should be_true
     end

data/spec/lib/kb/codesake_cve_2013_0175_spec.rb

@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+describe "CVE-2013-0175 security check" do
+  let (:check) {Codesake::Dawn::Kb::CVE_2013_0175.new}
+  it "knows its name" do
+    check.name.should == "CVE-2013-0175"
+  end 
+  it "has a 7.5 cvss score" do
+    check.cvss_score == 7.5
+  end
+
+  it "fires when multi_xml vulnerable gem it has been found" do
+    check.dependencies = [{:name=>"multi_xml", :version=>"0.5.2"}]
+    check.vuln?.should be_true
+  end
+  it "fires when Grape vulnerable gem it has been found" do
+    check.dependencies = [{:name=>"grape", :version=>"0.2.5"}]
+    check.vuln?.should be_true
+  end
+  it "fires when multi_xml gem is not vulnerable but Grape is" do
+    check.dependencies = [{:name=>"grape", :version=>"0.2.5"}, {:name=>"multi_xml", :version=>"0.5.3"}]
+    check.vuln?.should be_true
+  end
+  it "fires when multi_xml gem is vulnerable but Grape is not" do
+    check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.2"}]
+    check.vuln?.should be_true
+  end
+
+  it "doesn't fire when no vulnerabilities were found" do
+    check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.3"}]
+    check.vuln?.should be_false
+  end
+
+
+end

data/spec/lib/kb/codesake_ruby_version_check_spec.rb

@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+class Mockup
+  include Codesake::Dawn::Kb::RubyVersionCheck
+
+  def initialize
+    message = "This is a mock"
+    super(
+      :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK, 
+      :applies=>['sinatra', 'padrino', 'rails'],
+      :message=> message
+    )
+
+    self.safe_rubies = [{:version=>"1.9.3", :patchlevel=>"p392"}, {:version=>"2.0.0", :patchlevel=>"p0"}]
+  end
+end
+
+describe "The security check for Ruby interpreter version" do
+  let (:check) {Mockup.new}
+
+  it "fires if ruby version is vulnerable" do
+    check.detected_ruby = {:version=>"1.9.2", :patchlevel=>"p10000"}
+    check.vuln?.should    be_true
+  end
+  it "doesn't fire if ruby version is not vulnerable and patchlevel is not vulnerable" do
+    check.detected_ruby = {:version=>"1.9.4", :patchlevel=>"p10000"}
+    check.vuln?.should    be_false
+  end
+
+  it "doesn't fire if ruby version is vulnerable and patchlevel is not vulnerable" do
+    check.detected_ruby = {:version=>"1.9.3", :patchlevel=>"p10000"}
+    check.vuln?.should    be_false
+  end
+
+  it "fires if ruby version is vulnerable and patchlevel is vulnerable" do
+    check.detected_ruby = {:version=>"1.9.3", :patchlevel=>"p391"}
+    check.vuln?.should    be_true
+  end
+end

data/spec/spec_helper.rb

@@ -1 +1 @@
-require 'codesake_dawn'
+require 'codesake-dawn'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: codesake-dawn
 version: !ruby/object:Gem::Version
-  version: '0.50'
+  version: '0.60'
   prerelease: 
 platform: ruby
 authors:
@@ -9,24 +9,24 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-13 00:00:00.000000000 Z
+date: 2013-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: codesake_commons
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>'
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.50.0
+        version: 0.67.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>'
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.50.0
+        version: 0.67.0
 - !ruby/object:Gem::Dependency
   name: cvss
   requirement: !ruby/object:Gem::Requirement
@@ -75,6 +75,54 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: tomdoc
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: aruba
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: dawn is a security static source code analyzer for web applications written
   in ruby. It supports major MVC frameworks like sinatra, padrino and ruby on rails.
   dawn output is a list of security vulnerabilities affecting your code with a suggestion
@@ -87,14 +135,21 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
-- .rvmrc
+- .ruby-gemset
+- .ruby-version
+- Competitive_matrix.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - Roadmap.md
+- TODO.md
 - bin/dawn
 - codesake_dawn.gemspec
+- features/dawn_complains_about_an_incorrect_command_line.feature
+- features/dawn_scan_a_secure_sinatra_app.feature
+- features/step_definition/dawn_steps.rb
+- features/support/env.rb
 - lib/codesake-dawn.rb
 - lib/codesake/dawn/engine.rb
 - lib/codesake/dawn/kb/basic_check.rb
@@ -107,34 +162,48 @@ files:
 - lib/codesake/dawn/kb/cve_2012_6496.rb
 - lib/codesake/dawn/kb/cve_2012_6497.rb
 - lib/codesake/dawn/kb/cve_2013_0155.rb
+- lib/codesake/dawn/kb/cve_2013_0156.rb
+- lib/codesake/dawn/kb/cve_2013_0175.rb
+- lib/codesake/dawn/kb/cve_2013_0233.rb
 - lib/codesake/dawn/kb/cve_2013_0269.rb
+- lib/codesake/dawn/kb/cve_2013_0276.rb
+- lib/codesake/dawn/kb/cve_2013_0277.rb
+- lib/codesake/dawn/kb/cve_2013_0284.rb
+- lib/codesake/dawn/kb/cve_2013_0285.rb
 - lib/codesake/dawn/kb/cve_2013_0333.rb
+- lib/codesake/dawn/kb/cve_2013_1655.rb
+- lib/codesake/dawn/kb/cve_2013_1656.rb
 - lib/codesake/dawn/kb/cve_2013_1800.rb
+- lib/codesake/dawn/kb/cve_2013_1801.rb
+- lib/codesake/dawn/kb/cve_2013_1802.rb
+- lib/codesake/dawn/kb/cve_2013_1821.rb
+- lib/codesake/dawn/kb/cve_2013_1854.rb
 - lib/codesake/dawn/kb/cve_2013_1855.rb
+- lib/codesake/dawn/kb/cve_2013_1856.rb
 - lib/codesake/dawn/kb/cve_2013_1857.rb
+- lib/codesake/dawn/kb/cve_2013_1875.rb
+- lib/codesake/dawn/kb/cve_2013_1898.rb
+- lib/codesake/dawn/kb/cve_2013_1911.rb
+- lib/codesake/dawn/kb/cve_2013_1933.rb
+- lib/codesake/dawn/kb/cve_2013_1947.rb
+- lib/codesake/dawn/kb/cve_2013_1948.rb
+- lib/codesake/dawn/kb/cve_2013_2615.rb
+- lib/codesake/dawn/kb/cve_2013_2616.rb
+- lib/codesake/dawn/kb/cve_2013_2617.rb
+- lib/codesake/dawn/kb/cve_2013_3221.rb
 - lib/codesake/dawn/kb/dependency_check.rb
 - lib/codesake/dawn/kb/not_revised_code.rb
 - lib/codesake/dawn/kb/pattern_match_check.rb
+- lib/codesake/dawn/kb/ruby_version_check.rb
 - lib/codesake/dawn/knowledge_base.rb
 - lib/codesake/dawn/rails.rb
 - lib/codesake/dawn/sinatra.rb
 - lib/codesake/dawn/version.rb
 - spec/lib/dawn/codesake_knowledgebase_spec.rb
+- spec/lib/dawn/codesake_rails_engine_spec.rb
 - spec/lib/dawn/codesake_sinatra_engine_spec.rb
-- spec/lib/kb/codesake_cve_2013_1800_spec.rb
-- spec/lib/kb/codesake_cve_2013_1855_spec.rb
-- spec/lib/kb/cve_2011_2931_spec.rb
-- spec/lib/kb/cve_2012_2660_spec.rb
-- spec/lib/kb/cve_2012_2661_spec.rb
-- spec/lib/kb/cve_2012_2694_spec.rb
-- spec/lib/kb/cve_2012_2695_spec.rb
-- spec/lib/kb/cve_2012_3465_spec.rb
-- spec/lib/kb/cve_2012_6496_spec.rb
-- spec/lib/kb/cve_2012_6497_spec.rb
-- spec/lib/kb/cve_2013_0155_spec.rb
-- spec/lib/kb/cve_2013_0269_spec.rb
-- spec/lib/kb/cve_2013_0333_spec.rb
-- spec/lib/kb/cve_2013_1857_spec.rb
+- spec/lib/kb/codesake_cve_2013_0175_spec.rb
+- spec/lib/kb/codesake_ruby_version_check_spec.rb
 - spec/spec_helper.rb
 - spec/support/hello_world_3.0.19/.gitignore
 - spec/support/hello_world_3.0.19/Gemfile
@@ -316,7 +385,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 3223005256600909470
+      hash: 4144472411104473385
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -325,31 +394,24 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 3223005256600909470
+      hash: 4144472411104473385
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 1.8.25
 signing_key: 
 specification_version: 3
 summary: dawn is a security static source code analyzer for sinatra, padrino and ruby
   on rails web applicartions.
 test_files:
+- features/dawn_complains_about_an_incorrect_command_line.feature
+- features/dawn_scan_a_secure_sinatra_app.feature
+- features/step_definition/dawn_steps.rb
+- features/support/env.rb
 - spec/lib/dawn/codesake_knowledgebase_spec.rb
+- spec/lib/dawn/codesake_rails_engine_spec.rb
 - spec/lib/dawn/codesake_sinatra_engine_spec.rb
-- spec/lib/kb/codesake_cve_2013_1800_spec.rb
-- spec/lib/kb/codesake_cve_2013_1855_spec.rb
-- spec/lib/kb/cve_2011_2931_spec.rb
-- spec/lib/kb/cve_2012_2660_spec.rb
-- spec/lib/kb/cve_2012_2661_spec.rb
-- spec/lib/kb/cve_2012_2694_spec.rb
-- spec/lib/kb/cve_2012_2695_spec.rb
-- spec/lib/kb/cve_2012_3465_spec.rb
-- spec/lib/kb/cve_2012_6496_spec.rb
-- spec/lib/kb/cve_2012_6497_spec.rb
-- spec/lib/kb/cve_2013_0155_spec.rb
-- spec/lib/kb/cve_2013_0269_spec.rb
-- spec/lib/kb/cve_2013_0333_spec.rb
-- spec/lib/kb/cve_2013_1857_spec.rb
+- spec/lib/kb/codesake_cve_2013_0175_spec.rb
+- spec/lib/kb/codesake_ruby_version_check_spec.rb
 - spec/spec_helper.rb
 - spec/support/hello_world_3.0.19/.gitignore
 - spec/support/hello_world_3.0.19/Gemfile