From 2a565cd975278be04ecc1c43ded1cce1e6e41cfe Mon Sep 17 00:00:00 2001 From: didier Date: Fri, 22 Nov 2024 21:10:31 +0100 Subject: [PATCH] fix bug in notification --- app/Console/Commands/CVESearch.php | 32 +++++++++++++++++--- app/Console/Commands/CertificateExpiracy.php | 4 +-- 2 files changed, 29 insertions(+), 7 deletions(-) diff --git a/app/Console/Commands/CVESearch.php b/app/Console/Commands/CVESearch.php index 9249c372..acb0f5a3 100644 --- a/app/Console/Commands/CVESearch.php +++ b/app/Console/Commands/CVESearch.php @@ -163,10 +163,11 @@ public function handle() if (strtotime($cve->cveMetadata->datePublished)>= $min_timestamp) { // put summary in lowercase $text= strtolower($cve->containers->cna->title); - // Log::debug('CVESearch - CVE summary ' . $cve->summary); + Log::debug('CVESearch - CVE text ' . $text); foreach ($names as $name) { // Log::debug('CVESearch - check ' . $name); if (str_contains($text, $name)) { + Log::debug('CVESearch - found ' . $name); $message .= '' . $name . ' : ' . $cve->cveMetadata->cveId . ' - ' . $cve->details . '
'; $found=true; } @@ -177,25 +178,46 @@ public function handle() if (strtotime($cve->published)>= $min_timestamp) { // put summary in lowercase $text= strtolower($cve->details); - // Log::debug('CVESearch - CVE summary ' . $cve->summary); + Log::debug('CVESearch - CVE text ' . $text); foreach ($names as $name) { - // Log::debug('CVESearch - check ' . $name); if (str_contains($text, $name)) { + Log::debug('CVESearch - found ' . $name); $message .= '' . $name . ' : ' . $cve->aliases[0] . ' - ' . $cve->details . '
'; $found=true; } } } + } + elseif (property_exists($cve,"document") && + property_exists($cve->document,"category") && + ($cve->document->category == "csaf_security_advisory")) { + if (strtotime($cve->document->tracking->current_release_date)>= $min_timestamp) { + // put summary in lowercase + $text= strtolower($cve->document->title); + Log::debug('CVESearch - CVE text ' . $text); + foreach ($names as $name) { + if (str_contains($text, $name)) { + Log::debug('CVESearch - found ' . $name); + $message .= '' . $name . ' : ' . $cve->document->title . ' - ' . $cve->document->notes[0]->text . '
'; + $found=true; + } + } + } + + } else { Log::error("Unknown CVE format !"); - Log::error(json_encode($cve)); + print_r("Unknwon CVE format:\n"); + print_r($cve); } } $message .= ''; if ($found) { + Log::debug("CVESearch - Message {$message}"); + // Send mail $mail = new PHPMailer(true); @@ -214,7 +236,7 @@ public function handle() // Recipients $mail->setFrom(config('mercator-config.cve.mail-from')); - foreach(explode(",",$mail_to) as $email) + foreach(explode(",",config('mercator-config.cve.mail-to')) as $email) $mail->addAddress($email); // Content diff --git a/app/Console/Commands/CertificateExpiracy.php b/app/Console/Commands/CertificateExpiracy.php index ec2c5276..ec09d799 100644 --- a/app/Console/Commands/CertificateExpiracy.php +++ b/app/Console/Commands/CertificateExpiracy.php @@ -111,8 +111,8 @@ public function handle() $mail->Port = env('MAIL_PORT'); // TCP port to connect to // Recipients - $mail->setFrom(config('mercator-config.cert.mail-from')); - foreach(explode(",",config('mercator-config.cert.mail-to')) as $email) + $mail->setFrom($mail_from); + foreach(explode(",",$to_email) as $email) $mail->addAddress($email); // Content