ajakk
/ repo_timestamp
Created
October 8, 2022 23:20
node_exporter textfile generator for Gentoo repository timestamps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| from os.path import exists, join | |
| import time | |
| import sys | |
| import portage | |
| from portage.const import TIMESTAMP_FORMAT | |
| from portage.repository.config import RepoConfig |
ajakk
/ gist:f5aece4564079513f09f6066238ed6aa
Last active
January 22, 2023 12:28
Communication with MaherAzzouzi in #1 of MaherAzzouzi/CVE-2022-37703
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I attempted to get MaherAzzouzi to report their apparent information | |
| disclosure vulnerability to Amanda upstream via an issue in their | |
| CVE-2022-37703 repository. They apparently seemed to think that MITRE | |
| automatically reports issues to upstreams, which is not the | |
| case. Eventually, they deleted the issue after threatening to | |
| irresponsibly disclose two local privilege escalations in Amanda, all | |
| without any apparent attempt to notify upstream. As far as I can tell, | |
| that hasn't happened yet. | |
| I've asked Github to make the content of the issue public for |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: register repository timestamp | |
| shell: date -ud "$(cat /var/db/repos/gentoo/metadata/timestamp.chk)" +%s | |
| register: repo_timestamp | |
| changed_when: false | |
| - name: update repository | |
| # Only run when the repo's timestamp is from more than an hour ago | |
| when: (((ansible_date_time['epoch'] | int) - (repo_timestamp['stdout'] | int)) > 3600) | |
| portage: | |
| sync: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [[ -z "${1}" ]]; then | |
| echo "Needs an argument" | |
| exit 1 | |
| fi | |
| DOCKERFILE="\ | |
| FROM FROMIMAGE |