Hi,
I am new to Clair and I need some help in setting up Clair.
I followed the instructions to install Clair using Docker Compose approach
from below link:
https://github.com/coreos/clair
Both, clair and postgres containers are up. But, when I connect to Clair
using localhost:6060 I get *404 page not found*
To debug this issue, I looked into the Clair logs using "docker logs <clair
container ID>" and I found below error:
pgsql: insertVulnerabilityFixedInFeature: pq: duplicate key value violates
unique constraint
"vulnerability_fixedin_feature_vulnerability_id_feature_id_key"
When I logged into postgres container, I found that the tables were filled
with vulnerability information.
Could some one shed some light on this issue and help me resolve the
problem?
Please find the clair log file in the attachment that contains the error
messages.
thanks
Suresh
2016-08-09 23:59:12.418645 I | pgsql: running database migrations
2016-08-09 23:59:12.486654 E | pgsql: dial tcp 172.19.0.2:5432: getsockopt:
connection refused
2016-08-09 23:59:12.486693 C | main: database: could not open database
2016-08-10 00:01:35.435655 I | pgsql: running database migrations
goose: migrating db environment '', current version: 0, target: 20151222113213
OK 20151222113213_Initial.sql
2016-08-10 00:01:35.539015 I | pgsql: database migration ran successfully
2016-08-10 00:01:35.539273 I | api: starting health API on port 6061.
2016-08-10 00:01:35.539330 I | notifier: notifier service is disabled
2016-08-10 00:01:35.539361 I | api: starting main API on port 6060.
2016-08-10 00:01:35.539414 I | updater: updater service started. lock
identifier: 385d1ce0-960f-4f68-8298-5c3109246f18
2016-08-10 00:01:35.574370 I | updater: updating vulnerabilities
2016-08-10 00:01:35.574406 I | updater: fetching vulnerability updates
2016-08-10 00:01:35.574455 I | updater/fetchers/ubuntu: fetching Ubuntu
vulnerabilities
2016-08-10 00:01:35.574566 I | updater/fetchers/debian: fetching Debian
vulnerabilities
2016-08-10 00:01:35.574820 I | updater/fetchers/rhel: fetching Red Hat
vulnerabilities
2016-08-10 00:02:10.567873 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56710
2016-08-10 00:02:17.888768 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56710
2016-08-10 00:02:19.718497 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56710
2016-08-10 00:02:53.333829 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56710
2016-08-10 00:02:56.653240 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56712
2016-08-10 00:03:01.763658 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56712
2016-08-10 00:03:02.719292 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56710
2016-08-10 00:06:37.612870 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56722
2016-08-10 00:06:37.621697 I | api: %!s(int=404) %!d(string=GET) /favicon.ico
172.19.0.1:56724
2016-08-10 00:06:42.012919 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56726
2016-08-10 00:06:45.065323 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56726
2016-08-10 00:14:17.384127 I | updater: adding metadata to vulnerabilities
2016-08-10 00:33:16.713669 E | pgsql: insertVulnerabilityFixedInFeature: pq:
duplicate key value violates unique constraint
"vulnerability_fixedin_feature_vulnerability_id_feature_id_key"
database.Vulnerability{Model:database.Model{ID:0}, Name:"RHSA-2009:0382",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"},
Description:"libvirt is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. libvirt also
provides tools for remotely managing virtualized systems. The libvirtd daemon
was discovered to not properly check user connection permissions before
performing certain privileged actions, such as requesting migration of an
unprivileged guest domain to another system. A local user able to establish a
read-only connection to libvirtd could use this flaw to perform actions that
should be restricted to read-write connections. (CVE-2008-5086) libvirt_proxy,
a setuid helper application allowing non-privileged users to communicate with
the hypervisor, was discovered to not properly validate user requests. Local
users could use this flaw to cause a stack-based buffer overflow in
libvirt_proxy, possibly allowing them to run arbitrary code with root
privileges. (CVE-2009-0036) All users are advised to upgrade to these updated
packages, which contain backported patches which resolve these issues. After
installing the update, libvirtd must be restarted manually (for example, by
issuing a \"service libvirtd restart\" command), and guest systems rebooted,
for this change to take effect.",
Link:"https://rhn.redhat.com/errata/RHSA-2009-0382.html";, Severity:"Medium",
Metadata:database.MetadataMap(nil),
FixedIn:[]database.FeatureVersion{database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}}},
LayersIntroducingVulnerability:[]database.Layer(nil),
FixedBy:types.Version{epoch:0, version:"", revision:""}}
2016-08-10 00:33:16.714328 E | updater: an error occured when inserting
vulnerabilities for update: database: an error occured when querying the backend
2016-08-10 00:33:16.717231 I | updater: updating vulnerabilities
2016-08-10 00:33:16.717270 I | updater: fetching vulnerability updates
2016-08-10 00:33:16.717305 I | updater/fetchers/ubuntu: fetching Ubuntu
vulnerabilities
2016-08-10 00:33:16.717385 I | updater/fetchers/debian: fetching Debian
vulnerabilities
2016-08-10 00:33:16.717550 I | updater/fetchers/rhel: fetching Red Hat
vulnerabilities
2016-08-10 17:56:23.628710 I | updater: adding metadata to vulnerabilities
2016-08-10 18:27:25.962585 E | pgsql: insertVulnerabilityFixedInFeature: pq:
duplicate key value violates unique constraint
"vulnerability_fixedin_feature_vulnerability_id_feature_id_key"
database.Vulnerability{Model:database.Model{ID:0}, Name:"RHSA-2009:0382",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"},
Description:"libvirt is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. libvirt also
provides tools for remotely managing virtualized systems. The libvirtd daemon
was discovered to not properly check user connection permissions before
performing certain privileged actions, such as requesting migration of an
unprivileged guest domain to another system. A local user able to establish a
read-only connection to libvirtd could use this flaw to perform actions that
should be restricted to read-write connections. (CVE-2008-5086) libvirt_proxy,
a setuid helper application allowing non-privileged users to communicate with
the hypervisor, was discovered to not properly validate user requests. Local
users could use this flaw to cause a stack-based buffer overflow in
libvirt_proxy, possibly allowing them to run arbitrary code with root
privileges. (CVE-2009-0036) All users are advised to upgrade to these updated
packages, which contain backported patches which resolve these issues. After
installing the update, libvirtd must be restarted manually (for example, by
issuing a \"service libvirtd restart\" command), and guest systems rebooted,
for this change to take effect.",
Link:"https://rhn.redhat.com/errata/RHSA-2009-0382.html";, Severity:"Medium",
Metadata:database.MetadataMap(nil),
FixedIn:[]database.FeatureVersion{database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}}},
LayersIntroducingVulnerability:[]database.Layer(nil),
FixedBy:types.Version{epoch:0, version:"", revision:""}}
2016-08-10 18:27:25.963609 E | updater: an error occured when inserting
vulnerabilities for update: database: an error occured when querying the backend
2016-08-10 18:27:25.967308 I | updater: updating vulnerabilities
2016-08-10 18:27:25.967414 I | updater: fetching vulnerability updates
2016-08-10 18:27:25.967514 I | updater/fetchers/ubuntu: fetching Ubuntu
vulnerabilities
2016-08-10 18:27:25.967796 I | updater/fetchers/debian: fetching Debian
vulnerabilities
2016-08-10 18:27:25.968318 I | updater/fetchers/rhel: fetching Red Hat
vulnerabilities
2016-08-10 18:34:02.608002 I | updater: adding metadata to vulnerabilities
2016-08-10 18:35:00.642485 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56796
2016-08-10 18:35:07.739050 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56798
2016-08-10 18:36:28.891104 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56804
2016-08-10 18:36:30.194813 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56806
2016-08-10 19:08:11.701330 E | pgsql: insertVulnerabilityFixedInFeature: pq:
duplicate key value violates unique constraint
"vulnerability_fixedin_feature_vulnerability_id_feature_id_key"
database.Vulnerability{Model:database.Model{ID:0}, Name:"RHSA-2009:0382",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"},
Description:"libvirt is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. libvirt also
provides tools for remotely managing virtualized systems. The libvirtd daemon
was discovered to not properly check user connection permissions before
performing certain privileged actions, such as requesting migration of an
unprivileged guest domain to another system. A local user able to establish a
read-only connection to libvirtd could use this flaw to perform actions that
should be restricted to read-write connections. (CVE-2008-5086) libvirt_proxy,
a setuid helper application allowing non-privileged users to communicate with
the hypervisor, was discovered to not properly validate user requests. Local
users could use this flaw to cause a stack-based buffer overflow in
libvirt_proxy, possibly allowing them to run arbitrary code with root
privileges. (CVE-2009-0036) All users are advised to upgrade to these updated
packages, which contain backported patches which resolve these issues. After
installing the update, libvirtd must be restarted manually (for example, by
issuing a \"service libvirtd restart\" command), and guest systems rebooted,
for this change to take effect.",
Link:"https://rhn.redhat.com/errata/RHSA-2009-0382.html";, Severity:"Medium",
Metadata:database.MetadataMap(nil),
FixedIn:[]database.FeatureVersion{database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}}},
LayersIntroducingVulnerability:[]database.Layer(nil),
FixedBy:types.Version{epoch:0, version:"", revision:""}}
2016-08-10 19:08:11.702349 E | updater: an error occured when inserting
vulnerabilities for update: database: an error occured when querying the backend
2016-08-10 19:08:11.709943 I | updater: updating vulnerabilities
2016-08-10 19:08:11.710052 I | updater: fetching vulnerability updates
2016-08-10 19:08:11.710139 I | updater/fetchers/debian: fetching Debian
vulnerabilities
2016-08-10 19:08:11.710321 I | updater/fetchers/rhel: fetching Red Hat
vulnerabilities
2016-08-10 19:08:11.710412 I | updater/fetchers/ubuntu: fetching Ubuntu
vulnerabilities
2016-08-10 19:15:51.393167 I | updater: adding metadata to vulnerabilities
2016-08-10 20:48:37.231467 E | pgsql: insertVulnerabilityFixedInFeature: pq:
duplicate key value violates unique constraint
"vulnerability_fixedin_feature_vulnerability_id_feature_id_key"
database.Vulnerability{Model:database.Model{ID:0}, Name:"RHSA-2009:0382",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"},
Description:"libvirt is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. libvirt also
provides tools for remotely managing virtualized systems. The libvirtd daemon
was discovered to not properly check user connection permissions before
performing certain privileged actions, such as requesting migration of an
unprivileged guest domain to another system. A local user able to establish a
read-only connection to libvirtd could use this flaw to perform actions that
should be restricted to read-write connections. (CVE-2008-5086) libvirt_proxy,
a setuid helper application allowing non-privileged users to communicate with
the hypervisor, was discovered to not properly validate user requests. Local
users could use this flaw to cause a stack-based buffer overflow in
libvirt_proxy, possibly allowing them to run arbitrary code with root
privileges. (CVE-2009-0036) All users are advised to upgrade to these updated
packages, which contain backported patches which resolve these issues. After
installing the update, libvirtd must be restarted manually (for example, by
issuing a \"service libvirtd restart\" command), and guest systems rebooted,
for this change to take effect.",
Link:"https://rhn.redhat.com/errata/RHSA-2009-0382.html";, Severity:"Medium",
Metadata:database.MetadataMap(nil),
FixedIn:[]database.FeatureVersion{database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}}},
LayersIntroducingVulnerability:[]database.Layer(nil),
FixedBy:types.Version{epoch:0, version:"", revision:""}}
2016-08-10 20:48:37.233480 E | updater: an error occured when inserting
vulnerabilities for update: database: an error occured when querying the backend
2016-08-10 20:48:37.237136 I | updater: updating vulnerabilities
2016-08-10 20:48:37.237459 I | updater: fetching vulnerability updates
2016-08-10 20:48:37.237677 I | updater/fetchers/rhel: fetching Red Hat
vulnerabilities
2016-08-10 20:48:37.237924 I | updater/fetchers/ubuntu: fetching Ubuntu
vulnerabilities
2016-08-10 20:48:37.238239 I | updater/fetchers/debian: fetching Debian
vulnerabilities
2016-08-10 20:56:43.585300 I | updater: adding metadata to vulnerabilities
2016-08-10 22:17:03.326267 E | pgsql: insertVulnerabilityFixedInFeature: pq:
duplicate key value violates unique constraint
"vulnerability_fixedin_feature_vulnerability_id_feature_id_key"
database.Vulnerability{Model:database.Model{ID:0}, Name:"RHSA-2009:0382",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"},
Description:"libvirt is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. libvirt also
provides tools for remotely managing virtualized systems. The libvirtd daemon
was discovered to not properly check user connection permissions before
performing certain privileged actions, such as requesting migration of an
unprivileged guest domain to another system. A local user able to establish a
read-only connection to libvirtd could use this flaw to perform actions that
should be restricted to read-write connections. (CVE-2008-5086) libvirt_proxy,
a setuid helper application allowing non-privileged users to communicate with
the hypervisor, was discovered to not properly validate user requests. Local
users could use this flaw to cause a stack-based buffer overflow in
libvirt_proxy, possibly allowing them to run arbitrary code with root
privileges. (CVE-2009-0036) All users are advised to upgrade to these updated
packages, which contain backported patches which resolve these issues. After
installing the update, libvirtd must be restarted manually (for example, by
issuing a \"service libvirtd restart\" command), and guest systems rebooted,
for this change to take effect.",
Link:"https://rhn.redhat.com/errata/RHSA-2009-0382.html";, Severity:"Medium",
Metadata:database.MetadataMap(nil),
FixedIn:[]database.FeatureVersion{database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-devel",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}},
database.FeatureVersion{Model:database.Model{ID:0},
Feature:database.Feature{Model:database.Model{ID:0}, Name:"libvirt-python",
Namespace:database.Namespace{Model:database.Model{ID:0}, Name:"centos:5"}},
Version:types.Version{epoch:0, version:"0.3.3", revision:"14.el5_3.1"},
AffectedBy:[]database.Vulnerability(nil),
AddedBy:database.Layer{Model:database.Model{ID:0}, Name:"", EngineVersion:0,
Parent:(*database.Layer)(nil), Namespace:(*database.Namespace)(nil),
Features:[]database.FeatureVersion(nil)}}},
LayersIntroducingVulnerability:[]database.Layer(nil),
FixedBy:types.Version{epoch:0, version:"", revision:""}}
2016-08-10 22:17:03.327342 E | updater: an error occured when inserting
vulnerabilities for update: database: an error occured when querying the backend
2016-08-10 22:17:03.330562 I | updater: updating vulnerabilities
2016-08-10 22:17:03.330689 I | updater: fetching vulnerability updates
2016-08-10 22:17:03.330889 I | updater/fetchers/ubuntu: fetching Ubuntu
vulnerabilities
2016-08-10 22:17:03.331055 I | updater/fetchers/rhel: fetching Red Hat
vulnerabilities
2016-08-10 22:17:03.331361 I | updater/fetchers/debian: fetching Debian
vulnerabilities
2016-08-10 22:24:48.029033 I | updater: adding metadata to vulnerabilities
2016-08-10 22:30:50.238341 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56850
2016-08-10 22:46:47.377503 I | api: %!s(int=404) %!d(string=GET) /
172.19.0.1:56852
