feat(ubuntu): support Ubuntu ESM

[kotakanbe]

What did you implement:

The Ubuntu Security Tracker includes data for Ubuntu ESM.
This update enables Vuls to scan Ubuntu Linux versions even after their End of Life (EOL).
Information pertaining to Ubuntu ESM is available in a specific format; by incorporating this data into our search parameters, we can detect Vulns of Ubuntu ESM.

https://ubuntu.com/security/esm

sqlite> select distinct release_name from ubuntu_release_patches where release_name like '%esm%' limit 1000;
esm-apps/bionic
esm-apps/focal
esm-apps/jammy
esm-apps/xenial
esm-infra/xenial
precise/esm
ros-esm/bionic
ros-esm/xenial
trusty/esm

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

./gost.new version     gost v0.4.3 6886bb9
./gost.old version       gost v0.4.3 8dc024f

make diff-server-rdb-redis

make diff-server-rdb-redis                                                                                                                       ✔
integration/gost.new server --dbpath=integration/gost.new.sqlite3 --port 1325 > /dev/null 2>&1 &
integration/gost.new server --dbtype redis --dbpath "redis://127.0.0.1:6380/0" --port 1326 > /dev/null 2>&1 &
make diff-cveid
make[1]: ディレクトリ '/home/kota/go/src/github.com/vulsio/gost' に入ります
#@ python integration/diff_server_mode.py cveid --sample_rate 0.01 debian
INFO[05-23|04:04:02] start ubuntu server mode test(mode: cveid)
INFO[05-23|04:04:02] check the communication with the server
INFO[05-23|04:04:02] communication with the server has been confirmed
#@ python integration/diff_server_mode.py cveid --sample_rate 0.01 redhat
# @ python integration/diff_server_mode.py cveid --sample_rate 0.01 microsoft
make[1]: ディレクトリ '/home/kota/go/src/github.com/vulsio/gost' から出ます
make diff-cveids
make[1]: ディレクトリ '/home/kota/go/src/github.com/vulsio/gost' に入ります
#@ python integration/diff_server_mode.py cveids --sample_rate 0.01 debian
INFO[05-23|04:04:04] start ubuntu server mode test(mode: cveids)
INFO[05-23|04:04:04] check the communication with the server
INFO[05-23|04:04:04] communication with the server has been confirmed
#@ python integration/diff_server_mode.py cveids --sample_rate 0.01 redhat
# @ python integration/diff_server_mode.py cveids --sample_rate 0.01 microsoft
make[1]: ディレクトリ '/home/kota/go/src/github.com/vulsio/gost' から出ます
make diff-package
make[1]: ディレクトリ '/home/kota/go/src/github.com/vulsio/gost' に入ります
#@ python integration/diff_server_mode.py package --sample_rate 0.01 debian
INFO[05-23|04:04:06] start ubuntu server mode test(mode: package)
INFO[05-23|04:04:06] check the communication with the server
INFO[05-23|04:04:06] communication with the server has been confirmed
#@ python integration/diff_server_mode.py package --sample_rate 0.01 redhat
# @ python integration/diff_server_mode.py kbid --sample_rate 0.01 microsoft
make[1]: ディレクトリ '/home/kota/go/src/github.com/vulsio/gost' から出ます
pkill gost.new

I will paste a part of the comparison between rdb.new and rdb.old. It has become possible to detect new cases of ESM that had not been detected before.

Comparing ./1604(unfixed-cves)/w3af.old with ./1604(unfixed-cves)/w3af.new
1c1,107
< {}
---
> {
>     "CVE-2013-2099": {
...
>         "patches": [
>             {
>                 "package_name": "w3af",
>                 "release_patches": [
>                     {
>                         "release_name": "esm-apps/xenial",
>                         "status": "needed",
>                         "note": ""
>                     }
>                 ]
>             }
>         ],

Checklist:

• Write tests
• Write documentation
• Check that there aren't other open pull requests for the same issue/feature
• Format your source code by make fmt
• Pass the test by make test
• Provide verification config / commands
• Enable "Allow edits from maintainers" for this PR
• Update the messages below

Is this ready for review?: YES

[MaineK00n]

LGTM