puppet-lint-infrasecure 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +81 -0
  3. data/lib/puppet-lint/linter.rb +132 -0
  4. data/lib/puppet-lint/plugins/check_admin_by_default.rb +26 -0
  5. data/lib/puppet-lint/plugins/check_cyrillic_homograph_attack.rb +19 -0
  6. data/lib/puppet-lint/plugins/check_empty_password.rb +26 -0
  7. data/lib/puppet-lint/plugins/check_hard_coded_secret.rb +31 -0
  8. data/lib/puppet-lint/plugins/check_invalid_ip_addr_binding.rb +23 -0
  9. data/lib/puppet-lint/plugins/check_malicious_dependency.rb +24 -0
  10. data/lib/puppet-lint/plugins/check_suspicious_comment.rb +19 -0
  11. data/lib/puppet-lint/plugins/check_use_http_without_tls.rb +27 -0
  12. data/lib/puppet-lint/plugins/check_use_of_weak_crypto_algorithm.rb +21 -0
  13. data/lib/puppet-lint/plugins/check_weak_password.rb +27 -0
  14. data/lib/puppet-lint-infrasecure/config/dependencies.yml +33 -0
  15. data/lib/puppet-lint-infrasecure/config/whitelist +19 -0
  16. data/lib/puppet-lint-infrasecure/dependencies/activemq.json +407 -0
  17. data/lib/puppet-lint-infrasecure/dependencies/apt.json +453 -0
  18. data/lib/puppet-lint-infrasecure/dependencies/cassandra.json +122 -0
  19. data/lib/puppet-lint-infrasecure/dependencies/docker.json +200 -0
  20. data/lib/puppet-lint-infrasecure/dependencies/elasticsearch.json +32 -0
  21. data/lib/puppet-lint-infrasecure/dependencies/gitlab.json +1161 -0
  22. data/lib/puppet-lint-infrasecure/dependencies/grafana.json +31 -0
  23. data/lib/puppet-lint-infrasecure/dependencies/haproxy.json +159 -0
  24. data/lib/puppet-lint-infrasecure/dependencies/jenkins.json +876 -0
  25. data/lib/puppet-lint-infrasecure/dependencies/jira.json +460 -0
  26. data/lib/puppet-lint-infrasecure/dependencies/kafka.json +32 -0
  27. data/lib/puppet-lint-infrasecure/dependencies/kubernetes.json +123 -0
  28. data/lib/puppet-lint-infrasecure/dependencies/mongodb.json +156 -0
  29. data/lib/puppet-lint-infrasecure/dependencies/mysql.json +14549 -0
  30. data/lib/puppet-lint-infrasecure/dependencies/nagios_core.json +8 -0
  31. data/lib/puppet-lint-infrasecure/dependencies/nginx.json +1322 -0
  32. data/lib/puppet-lint-infrasecure/dependencies/nodejs.json +247 -0
  33. data/lib/puppet-lint-infrasecure/dependencies/ntp.json +2163 -0
  34. data/lib/puppet-lint-infrasecure/dependencies/openstack.json +447 -0
  35. data/lib/puppet-lint-infrasecure/dependencies/openvpn.json +816 -0
  36. data/lib/puppet-lint-infrasecure/dependencies/postgresql.json +4256 -0
  37. data/lib/puppet-lint-infrasecure/dependencies/puppet_agent.json +23 -0
  38. data/lib/puppet-lint-infrasecure/dependencies/python.json +1134 -0
  39. data/lib/puppet-lint-infrasecure/dependencies/rabbitmq.json +602 -0
  40. data/lib/puppet-lint-infrasecure/dependencies/redis.json +51 -0
  41. data/lib/puppet-lint-infrasecure/dependencies/ruby.json +487 -0
  42. data/lib/puppet-lint-infrasecure/dependencies/sqlite.json +52 -0
  43. data/lib/puppet-lint-infrasecure/dependencies/systemd.json +180 -0
  44. data/lib/puppet-lint-infrasecure/dependencies/tomcat.json +8635 -0
  45. data/lib/puppet-lint-infrasecure/dependencies/vault.json +14 -0
  46. data/lib/puppet-lint-infrasecure/dependencies/wget.json +129 -0
  47. data/lib/puppet-lint-infrasecure/dependencies/yum.json +14 -0
  48. data/lib/puppet-lint-infrasecure/dependencies/zabbix.json +940 -0
  49. data/lib/puppet-lint-infrasecure/regex.rb +18 -0
  50. data/lib/puppet-lint-infrasecure/rules.rb +51 -0
  51. data/lib/puppet-lint-infrasecure/version.rb +3 -0
  52. data/lib/puppet-lint-infrasecure.rb +62 -0
  53. data/spec/puppet-lint/plugins/check_admin_by_default_spec.rb +34 -0
  54. data/spec/puppet-lint/plugins/check_cyrillic_homograph_attack_spec.rb +22 -0
  55. data/spec/puppet-lint/plugins/check_empty_password_spec.rb +55 -0
  56. data/spec/puppet-lint/plugins/check_hard_coded_secret_spec.rb +53 -0
  57. data/spec/puppet-lint/plugins/check_invalid_ip_addr_binding_spec.rb +46 -0
  58. data/spec/puppet-lint/plugins/check_malicious_dependency_spec.rb +39 -0
  59. data/spec/puppet-lint/plugins/check_suspicious_comment_spec.rb +50 -0
  60. data/spec/puppet-lint/plugins/check_use_http_without_tls_spec.rb +100 -0
  61. data/spec/puppet-lint/plugins/check_use_of_weak_crypto_algorithm_spec.rb +42 -0
  62. data/spec/puppet-lint/plugins/check_weak_password_spec.rb +29 -0
  63. data/spec/spec_helper.rb +3 -0
  64. metadata +284 -0
data/lib/puppet-lint-infrasecure/dependencies/jira.json ADDED
@@ -0,0 +1,460 @@
1
+ {
2
+ "4.2.4": [
3
+ "CVE-2017-5983"
4
+ ],
5
+ "5.0.2": [
6
+ "CVE-2017-5983"
7
+ ],
8
+ "5.0.3": [
9
+ "CVE-2017-5983"
10
+ ],
11
+ "5.0.4": [
12
+ "CVE-2017-5983"
13
+ ],
14
+ "5.0.5": [
15
+ "CVE-2017-5983"
16
+ ],
17
+ "5.2.3": [
18
+ "CVE-2017-5983"
19
+ ],
20
+ "5.2.4": [
21
+ "CVE-2017-5983"
22
+ ],
23
+ "5.2.5": [
24
+ "CVE-2017-5983"
25
+ ],
26
+ "5.2.6": [
27
+ "CVE-2017-5983"
28
+ ],
29
+ "6.0.8": [
30
+ "CVE-2017-5983"
31
+ ],
32
+ "6.1": [
33
+ "CVE-2017-5983"
34
+ ],
35
+ "6.1.1": [
36
+ "CVE-2017-5983"
37
+ ],
38
+ "6.1.2": [
39
+ "CVE-2017-5983"
40
+ ],
41
+ "6.2.6": [
42
+ "CVE-2017-5983"
43
+ ],
44
+ "6.2.7": [
45
+ "CVE-2017-5983"
46
+ ],
47
+ "4.3.4": [
48
+ "CVE-2017-5983"
49
+ ],
50
+ "4.4": [
51
+ "CVE-2017-5983"
52
+ ],
53
+ "4.4.1": [
54
+ "CVE-2017-5983"
55
+ ],
56
+ "4.4.2": [
57
+ "CVE-2017-5983"
58
+ ],
59
+ "4.4.3": [
60
+ "CVE-2017-5983",
61
+ "CVE-2012-1500"
62
+ ],
63
+ "5.1.3": [
64
+ "CVE-2017-5983"
65
+ ],
66
+ "5.1.4": [
67
+ "CVE-2017-5983"
68
+ ],
69
+ "5.1.5": [
70
+ "CVE-2017-5983"
71
+ ],
72
+ "5.1.6": [
73
+ "CVE-2017-5983"
74
+ ],
75
+ "5.2.11": [
76
+ "CVE-2017-5983"
77
+ ],
78
+ "6.0": [
79
+ "CVE-2017-5983",
80
+ "CVE-2013-5319"
81
+ ],
82
+ "6.0.1": [
83
+ "CVE-2017-5983",
84
+ "CVE-2013-5319"
85
+ ],
86
+ "6.0.2": [
87
+ "CVE-2017-5983",
88
+ "CVE-2013-5319"
89
+ ],
90
+ "6.1.8": [
91
+ "CVE-2017-5983"
92
+ ],
93
+ "6.1.9": [
94
+ "CVE-2017-5983"
95
+ ],
96
+ "6.2": [
97
+ "CVE-2017-5983"
98
+ ],
99
+ "6.2.1": [
100
+ "CVE-2017-5983"
101
+ ],
102
+ "4.3": [
103
+ "CVE-2017-5983"
104
+ ],
105
+ "4.3.2": [
106
+ "CVE-2017-5983"
107
+ ],
108
+ "4.4.4": [
109
+ "CVE-2017-5983"
110
+ ],
111
+ "5.0": [
112
+ "CVE-2017-5983"
113
+ ],
114
+ "5.1": [
115
+ "CVE-2017-5983"
116
+ ],
117
+ "5.1.2": [
118
+ "CVE-2017-5983"
119
+ ],
120
+ "5.1.7": [
121
+ "CVE-2017-5983"
122
+ ],
123
+ "5.2": [
124
+ "CVE-2017-5983"
125
+ ],
126
+ "5.2.2": [
127
+ "CVE-2017-5983"
128
+ ],
129
+ "5.2.7": [
130
+ "CVE-2017-5983"
131
+ ],
132
+ "5.2.9": [
133
+ "CVE-2017-5983"
134
+ ],
135
+ "6.0.4": [
136
+ "CVE-2017-5983"
137
+ ],
138
+ "6.0.7": [
139
+ "CVE-2017-5983"
140
+ ],
141
+ "6.1.3": [
142
+ "CVE-2017-5983"
143
+ ],
144
+ "6.1.5": [
145
+ "CVE-2017-5983"
146
+ ],
147
+ "6.1.7": [
148
+ "CVE-2017-5983"
149
+ ],
150
+ "6.2.2": [
151
+ "CVE-2017-5983"
152
+ ],
153
+ "6.2.4": [
154
+ "CVE-2017-5983"
155
+ ],
156
+ "4.3.1": [
157
+ "CVE-2017-5983"
158
+ ],
159
+ "4.3.3": [
160
+ "CVE-2017-5983"
161
+ ],
162
+ "4.4.5": [
163
+ "CVE-2017-5983"
164
+ ],
165
+ "5.0.1": [
166
+ "CVE-2017-5983"
167
+ ],
168
+ "5.0.7": [
169
+ "CVE-2017-5983"
170
+ ],
171
+ "5.1.1": [
172
+ "CVE-2017-5983"
173
+ ],
174
+ "5.1.8": [
175
+ "CVE-2017-5983"
176
+ ],
177
+ "5.2.1": [
178
+ "CVE-2017-5983"
179
+ ],
180
+ "5.2.8": [
181
+ "CVE-2017-5983"
182
+ ],
183
+ "5.2.10": [
184
+ "CVE-2017-5983"
185
+ ],
186
+ "6.0.3": [
187
+ "CVE-2017-5983",
188
+ "CVE-2013-5319"
189
+ ],
190
+ "6.0.5": [
191
+ "CVE-2017-5983"
192
+ ],
193
+ "6.1.4": [
194
+ "CVE-2017-5983"
195
+ ],
196
+ "6.1.6": [
197
+ "CVE-2017-5983"
198
+ ],
199
+ "6.2.3": [
200
+ "CVE-2017-5983"
201
+ ],
202
+ "6.2.5": [
203
+ "CVE-2017-5983"
204
+ ],
205
+ "8.10.0": [
206
+ "CVE-2020-14174"
207
+ ],
208
+ "8.13.0": [
209
+ "CVE-2020-14184"
210
+ ],
211
+ "8.13.3": [
212
+ "CVE-2020-36231"
213
+ ],
214
+ "3.6.2_156": [
215
+ "CVE-2006-3338",
216
+ "CVE-2006-3339"
217
+ ],
218
+ "3.13.1": [
219
+ "CVE-2010-1164",
220
+ "CVE-2010-1165",
221
+ "CVE-2008-6531"
222
+ ],
223
+ "3.13.2": [
224
+ "CVE-2010-1164",
225
+ "CVE-2010-1165"
226
+ ],
227
+ "3.12.3": [
228
+ "CVE-2010-1164",
229
+ "CVE-2010-1165",
230
+ "CVE-2008-6531"
231
+ ],
232
+ "3.13": [
233
+ "CVE-2010-1164",
234
+ "CVE-2010-1165",
235
+ "CVE-2008-6531",
236
+ "CVE-2008-6831",
237
+ "CVE-2008-6832"
238
+ ],
239
+ "4.0.2": [
240
+ "CVE-2010-1164",
241
+ "CVE-2010-1165"
242
+ ],
243
+ "4.1": [
244
+ "CVE-2010-1164",
245
+ "CVE-2010-1165"
246
+ ],
247
+ "3.12.1": [
248
+ "CVE-2010-1164",
249
+ "CVE-2010-1165",
250
+ "CVE-2008-6531"
251
+ ],
252
+ "3.12.2": [
253
+ "CVE-2010-1164",
254
+ "CVE-2010-1165",
255
+ "CVE-2008-6531"
256
+ ],
257
+ "4.0": [
258
+ "CVE-2010-1164",
259
+ "CVE-2010-1165"
260
+ ],
261
+ "4.0.1": [
262
+ "CVE-2010-1164",
263
+ "CVE-2010-1165"
264
+ ],
265
+ "3.12": [
266
+ "CVE-2010-1164",
267
+ "CVE-2010-1165",
268
+ "CVE-2008-6531"
269
+ ],
270
+ "3.13.3": [
271
+ "CVE-2010-1164",
272
+ "CVE-2010-1165"
273
+ ],
274
+ "3.13.4": [
275
+ "CVE-2010-1164",
276
+ "CVE-2010-1165"
277
+ ],
278
+ "3.13.5": [
279
+ "CVE-2010-1164",
280
+ "CVE-2010-1165"
281
+ ],
282
+ "3.10.2": [
283
+ "CVE-2008-6531"
284
+ ],
285
+ "3.10": [
286
+ "CVE-2008-6531"
287
+ ],
288
+ "3.9.3": [
289
+ "CVE-2008-6531"
290
+ ],
291
+ "3.9.2": [
292
+ "CVE-2008-6531"
293
+ ],
294
+ "3.9.1": [
295
+ "CVE-2008-6531"
296
+ ],
297
+ "3.9": [
298
+ "CVE-2008-6531"
299
+ ],
300
+ "3.8.1": [
301
+ "CVE-2008-6531"
302
+ ],
303
+ "3.7.4": [
304
+ "CVE-2008-6531"
305
+ ],
306
+ "3.7.2": [
307
+ "CVE-2008-6531"
308
+ ],
309
+ "3.7": [
310
+ "CVE-2008-6531"
311
+ ],
312
+ "3.6.4": [
313
+ "CVE-2008-6531"
314
+ ],
315
+ "3.6.2": [
316
+ "CVE-2008-6531"
317
+ ],
318
+ "3.6": [
319
+ "CVE-2008-6531"
320
+ ],
321
+ "3.11": [
322
+ "CVE-2008-6531"
323
+ ],
324
+ "3.10.1": [
325
+ "CVE-2008-6531"
326
+ ],
327
+ "3.8": [
328
+ "CVE-2008-6531"
329
+ ],
330
+ "3.7.3": [
331
+ "CVE-2008-6531"
332
+ ],
333
+ "3.7.1": [
334
+ "CVE-2008-6531"
335
+ ],
336
+ "3.6.5": [
337
+ "CVE-2008-6531"
338
+ ],
339
+ "3.6.3": [
340
+ "CVE-2008-6531"
341
+ ],
342
+ "3.6.1": [
343
+ "CVE-2008-6531"
344
+ ],
345
+ "3.5.3": [
346
+ "CVE-2008-6531"
347
+ ],
348
+ "3.5.1": [
349
+ "CVE-2008-6531"
350
+ ],
351
+ "3.4.3": [
352
+ "CVE-2008-6531"
353
+ ],
354
+ "3.4.2": [
355
+ "CVE-2008-6531"
356
+ ],
357
+ "3.4.1": [
358
+ "CVE-2008-6531"
359
+ ],
360
+ "3.3.3": [
361
+ "CVE-2008-6531"
362
+ ],
363
+ "3.3.2": [
364
+ "CVE-2008-6531"
365
+ ],
366
+ "3.3.1": [
367
+ "CVE-2008-6531"
368
+ ],
369
+ "3.2.3": [
370
+ "CVE-2008-6531"
371
+ ],
372
+ "3.2.1": [
373
+ "CVE-2008-6531"
374
+ ],
375
+ "3.1.1": [
376
+ "CVE-2008-6531"
377
+ ],
378
+ "3.0.3": [
379
+ "CVE-2008-6531"
380
+ ],
381
+ "3.0.1": [
382
+ "CVE-2008-6531"
383
+ ],
384
+ "2.6.1": [
385
+ "CVE-2008-6531"
386
+ ],
387
+ "2.5.3": [
388
+ "CVE-2008-6531"
389
+ ],
390
+ "3.3": [
391
+ "CVE-2008-6531"
392
+ ],
393
+ "3.2.2": [
394
+ "CVE-2008-6531"
395
+ ],
396
+ "3.2": [
397
+ "CVE-2008-6531"
398
+ ],
399
+ "3.1": [
400
+ "CVE-2008-6531"
401
+ ],
402
+ "3.0.2": [
403
+ "CVE-2008-6531"
404
+ ],
405
+ "3.0": [
406
+ "CVE-2008-6531"
407
+ ],
408
+ "3.5.2": [
409
+ "CVE-2008-6531"
410
+ ],
411
+ "3.5": [
412
+ "CVE-2008-6531"
413
+ ],
414
+ "2.6": [
415
+ "CVE-2008-6531"
416
+ ],
417
+ "2.5.2": [
418
+ "CVE-2008-6531"
419
+ ],
420
+ "2.4.1": [
421
+ "CVE-2008-6531"
422
+ ],
423
+ "2.2.1": [
424
+ "CVE-2008-6531"
425
+ ],
426
+ "2.1": [
427
+ "CVE-2008-6531"
428
+ ],
429
+ "2.5.1": [
430
+ "CVE-2008-6531"
431
+ ],
432
+ "2.3": [
433
+ "CVE-2008-6531"
434
+ ],
435
+ "2.2": [
436
+ "CVE-2008-6531"
437
+ ],
438
+ "8.4.0": [
439
+ "CVE-2019-15001"
440
+ ],
441
+ "8": [
442
+ "CVE-2019-20101"
443
+ ],
444
+ "8.6.0": [
445
+ "CVE-2019-20106",
446
+ "CVE-2019-20901"
447
+ ],
448
+ "7.0.3": [
449
+ "CVE-2015-8481"
450
+ ],
451
+ "7.13.0": [
452
+ "CVE-2018-20239"
453
+ ],
454
+ "8.0.0": [
455
+ "CVE-2018-20239"
456
+ ],
457
+ "7.13.1": [
458
+ "CVE-2018-20239"
459
+ ]
460
+ }
data/lib/puppet-lint-infrasecure/dependencies/kafka.json ADDED
@@ -0,0 +1,32 @@
1
+ {
2
+ "2.8.0": [
3
+ "CVE-2021-38153"
4
+ ],
5
+ "2.7.0": [
6
+ "CVE-2020-27218"
7
+ ],
8
+ "2.0.0": [
9
+ "CVE-2019-12399"
10
+ ],
11
+ "2.0.1": [
12
+ "CVE-2019-12399"
13
+ ],
14
+ "2.1.0": [
15
+ "CVE-2019-12399"
16
+ ],
17
+ "2.1.1": [
18
+ "CVE-2019-12399"
19
+ ],
20
+ "2.2.0": [
21
+ "CVE-2019-12399"
22
+ ],
23
+ "2.2.1": [
24
+ "CVE-2019-12399"
25
+ ],
26
+ "2.3.0": [
27
+ "CVE-2019-12399"
28
+ ],
29
+ "1.0.0": [
30
+ "CVE-2018-1288"
31
+ ]
32
+ }
data/lib/puppet-lint-infrasecure/dependencies/kubernetes.json ADDED
@@ -0,0 +1,123 @@
1
+ {
2
+ "1.21.0": [
3
+ "CVE-2021-25737",
4
+ "CVE-2020-8562"
5
+ ],
6
+ "1.5.2": [
7
+ "CVE-2017-1000056"
8
+ ],
9
+ "1.5.1": [
10
+ "CVE-2017-1000056"
11
+ ],
12
+ "1.5.3": [
13
+ "CVE-2017-1000056"
14
+ ],
15
+ "1.5.4": [
16
+ "CVE-2017-1000056"
17
+ ],
18
+ "1.5.0": [
19
+ "CVE-2017-1000056"
20
+ ],
21
+ "1.6.1": [
22
+ "CVE-2017-1002100"
23
+ ],
24
+ "1.6.2": [
25
+ "CVE-2017-1002100"
26
+ ],
27
+ "1.6.3": [
28
+ "CVE-2017-1002100"
29
+ ],
30
+ "1.6.4": [
31
+ "CVE-2017-1002100"
32
+ ],
33
+ "1.6.5": [
34
+ "CVE-2017-1002100"
35
+ ],
36
+ "1.6.0": [
37
+ "CVE-2017-1002100"
38
+ ],
39
+ "1.18.0": [
40
+ "CVE-2020-8555"
41
+ ],
42
+ "1.20.11": [
43
+ "CVE-2020-8561"
44
+ ],
45
+ "1.21.5": [
46
+ "CVE-2020-8561"
47
+ ],
48
+ "1.22.2": [
49
+ "CVE-2020-8561"
50
+ ],
51
+ "1.14.0": [
52
+ "CVE-2019-1002101",
53
+ "CVE-2019-11248",
54
+ "CVE-2019-9946",
55
+ "CVE-2018-1002102"
56
+ ],
57
+ "1.13.0": [
58
+ "CVE-2019-11243",
59
+ "CVE-2019-11248"
60
+ ],
61
+ "1.13.6": [
62
+ "CVE-2019-11245",
63
+ "CVE-2019-11248",
64
+ "CVE-2019-9946"
65
+ ],
66
+ "1.14.2": [
67
+ "CVE-2019-11245",
68
+ "CVE-2019-11248"
69
+ ],
70
+ "1.12.11": [
71
+ "CVE-2019-11246",
72
+ "CVE-2019-11247",
73
+ "CVE-2019-11249"
74
+ ],
75
+ "1.13.3": [
76
+ "CVE-2019-11248"
77
+ ],
78
+ "1.13.4": [
79
+ "CVE-2019-11248"
80
+ ],
81
+ "1.13.7": [
82
+ "CVE-2019-11248"
83
+ ],
84
+ "1.14.3": [
85
+ "CVE-2019-11248"
86
+ ],
87
+ "1.15.0": [
88
+ "CVE-2019-11248"
89
+ ],
90
+ "1.13.1": [
91
+ "CVE-2019-11248"
92
+ ],
93
+ "1.13.2": [
94
+ "CVE-2019-11248"
95
+ ],
96
+ "1.13.5": [
97
+ "CVE-2019-11248"
98
+ ],
99
+ "1.14.1": [
100
+ "CVE-2019-11248"
101
+ ],
102
+ "1.13.8": [
103
+ "CVE-2019-11248"
104
+ ],
105
+ "1.14.4": [
106
+ "CVE-2019-11248"
107
+ ],
108
+ "1.16.0": [
109
+ "CVE-2019-11250"
110
+ ],
111
+ "1.15.4": [
112
+ "CVE-2019-11250"
113
+ ],
114
+ "1.15.3": [
115
+ "CVE-2019-11250"
116
+ ],
117
+ "1.1-1.12": [
118
+ "CVE-2019-11251"
119
+ ],
120
+ "1.9.12": [
121
+ "CVE-2018-1002105"
122
+ ]
123
+ }