skipped 91 lines 92 92 ;; 93 93 esac 94 94 ;; 95 + redhat) 96 + [ -r "/etc/os-release" ] && distro_release=$(grep -E '^VERSION_ID=' /etc/os-release | cut -f2 -d=) 97 + case "$distro_release" in 98 + 6.*) 99 + package_fixed="0.96-11.el6_10.2" 100 + ;; 101 + 7.3) 102 + package_fixed="0.112-12.el7_3.1" 103 + ;; 104 + 7.4) 105 + package_fixed="0.112-12.el7_4.2" 106 + ;; 107 + 7.6) 108 + package_fixed="0.112-18.el7_6.3" 109 + ;; 110 + 7.7) 111 + package_fixed="0.112-22.el7_7.2" 112 + ;; 113 + 7.*) 114 + package_fixed="0.112-26.el7_9.1" 115 + ;; 116 + 8.1) 117 + package_fixed="0.115-9.el8_1.2" 118 + ;; 119 + 8.2) 120 + package_fixed="0.115-11.el8_2.2" 121 + ;; 122 + 8.4) 123 + package_fixed="0.115-11.el8_4.2" 124 + ;; 125 + 8.*) 126 + package_fixed="0.115-13.el8_5.1" 127 + ;; 128 + *) 129 + lse_is_version_bigger "$distro_release" 8 && exit 1 130 + ;; 131 + esac 132 + ;; 95 133 rocky) 96 134 [ -r "/etc/os-release" ] && distro_release=$(grep -E '^VERSION_ID=' /etc/os-release | cut -f2 -d=) 97 135 case "$distro_release" in skipped 27 lines 125 163 ;; 126 164 esac 127 165 ;; 128 - #TODO: Add RedHat and other distros, although their info about patches is very poor 129 166 esac 130 167 if [ -n "$package_fixed" ] && [ -n "$package_version" ] && ! lse_is_version_bigger "$package_fixed" "$package_version"; then 131 168 # Not Vulnerable 132 169 exit 1 133 170 fi 134 171 fi 135 - $vulnerable && echo "Vulnerable!" 172 + $vulnerable && echo "Vulnerable! polkit version : $ { package_version : - pkexec_version } " 136 173 } #) 137 174 138 175 # Uncomment this line for testing the lse_cve_test function skipped 2 lines