diff --git a/src/manage_sql.c b/src/manage_sql.c index be266c79a..613775b10 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -20511,7 +20511,7 @@ init_cpe_match_nodes_iterator (iterator_t* iterator, const char *criteria) " JOIN scap.cpe_nodes_match_criteria c" " ON n.id = c.node_id" " JOIN scap.cpe_match_strings r" - " ON c.match_criteria = r.match_criteria_id" + " ON c.match_criteria_id = r.match_criteria_id" " WHERE criteria like '%s%%';", quoted_criteria); g_free (quoted_criteria); diff --git a/src/manage_sql_secinfo.c b/src/manage_sql_secinfo.c index 4e6d3d6fc..ed4903771 100644 --- a/src/manage_sql_secinfo.c +++ b/src/manage_sql_secinfo.c @@ -4043,6 +4043,31 @@ update_scap_cves () return 0; } +/** + * @brief Update SCAP affected products. + * + * Assume that the databases are attached. + * + * @return 0 success, -1 error. + */ +static int +update_scap_affected_products () +{ + g_info ("Updating affected products"); + + sql ("INSERT INTO scap2.affected_products" + " SELECT DISTINCT scap2.cpe_match_nodes.cve_id, scap2.cpes.id" + " FROM scap2.cpe_match_nodes, scap2.cpe_nodes_match_criteria," + " scap2.cpe_matches, scap2.cpes" + " WHERE scap2.cpe_match_nodes.id = scap2.cpe_nodes_match_criteria.node_id" + " AND scap2.cpe_nodes_match_criteria.vulnerable = 1" + " AND scap2.cpe_nodes_match_criteria.match_criteria_id =" + " scap2.cpe_matches.match_criteria_id" + " AND scap2.cpe_matches.cpe_name_id = scap2.cpes.cpe_name_id;"); + + return 0; +} + /** * @brief Insert a SCAP CPE match string from JSON. * @@ -5606,6 +5631,15 @@ update_scap (gboolean reset_scap_db) return -1; } + g_debug ("%s: update affected_products", __func__); + setproctitle ("Syncing SCAP: Updating affected products"); + + if (update_scap_affected_products () == -1) + { + abort_scap_update (); + return -1; + } + g_debug ("%s: updating user defined data", __func__); g_debug ("%s: update epss", __func__);