bump to v0.43

This commit is contained in:
Stéphane Lesimple 2019-12-08 15:25:20 +01:00
parent 1f604c119b
commit a343bccb49
1 changed files with 7 additions and 6 deletions

View File

@ -11,7 +11,7 @@
# #
# Stephane Lesimple # Stephane Lesimple
# #
VERSION='0.42' VERSION='0.43'
trap 'exit_cleanup' EXIT trap 'exit_cleanup' EXIT
trap '_warn "interrupted, cleaning up..."; exit_cleanup; exit 1' INT trap '_warn "interrupted, cleaning up..."; exit_cleanup; exit 1' INT
@ -84,14 +84,14 @@ show_usage()
--batch prometheus produce output for consumption by prometheus-node-exporter --batch prometheus produce output for consumption by prometheus-node-exporter
--variant VARIANT specify which variant you'd like to check, by default all variants are checked --variant VARIANT specify which variant you'd like to check, by default all variants are checked
VARIANT can be one of 1, 2, 3, 3a, 4, l1tf, msbds, mfbds, mlpds, mdsum, taa VARIANT can be one of 1, 2, 3, 3a, 4, l1tf, msbds, mfbds, mlpds, mdsum, taa, mcepsc
can be specified multiple times (e.g. --variant 2 --variant 3) can be specified multiple times (e.g. --variant 2 --variant 3)
--cve [cve1,cve2,...] specify which CVE you'd like to check, by default all supported CVEs are checked --cve [cve1,cve2,...] specify which CVE you'd like to check, by default all supported CVEs are checked
--hw-only only check for CPU information, don't check for any variant --hw-only only check for CPU information, don't check for any variant
--no-hw skip CPU information and checks, if you're inspecting a kernel not to be run on this host --no-hw skip CPU information and checks, if you're inspecting a kernel not to be run on this host
--vmm [auto,yes,no] override the detection of the presence of a hypervisor (for CVE-2018-3646), default: auto --vmm [auto,yes,no] override the detection of the presence of a hypervisor, default: auto
--update-fwdb update our local copy of the CPU microcodes versions database (using the awesome MCExtractor project --update-fwdb update our local copy of the CPU microcodes versions database (using the awesome
and the Intel firmwares GitHub repository) MCExtractor project and the Intel firmwares GitHub repository)
--update-builtin-fwdb same as --update-fwdb but update builtin DB inside the script itself --update-builtin-fwdb same as --update-fwdb but update builtin DB inside the script itself
--dump-mock-data used to mimick a CPU on an other system, mainly used to help debugging this script --dump-mock-data used to mimick a CPU on an other system, mainly used to help debugging this script
@ -1040,8 +1040,9 @@ while [ -n "$1" ]; do
mdsum) opt_cve_list="$opt_cve_list CVE-2019-11091"; opt_cve_all=0;; mdsum) opt_cve_list="$opt_cve_list CVE-2019-11091"; opt_cve_all=0;;
l1tf) opt_cve_list="$opt_cve_list CVE-2018-3615 CVE-2018-3620 CVE-2018-3646"; opt_cve_all=0;; l1tf) opt_cve_list="$opt_cve_list CVE-2018-3615 CVE-2018-3620 CVE-2018-3646"; opt_cve_all=0;;
taa) opt_cve_list="$opt_cve_list CVE-2019-11135"; opt_cve_all=0;; taa) opt_cve_list="$opt_cve_list CVE-2019-11135"; opt_cve_all=0;;
mcepsc) opt_cve_list="$opt_cve_list CVE-2018-12207"; opt_cve_all=0;;
*) *)
echo "$0: error: invalid parameter '$2' for --variant, expected either 1, 2, 3, 3a, 4, msbds, mfbds, mlpds, mdsum, taa or l1tf" >&2; echo "$0: error: invalid parameter '$2' for --variant, expected either 1, 2, 3, 3a, 4, l1tf, msbds, mfbds, mlpds, mdsum, taa or mcepsc" >&2;
exit 255 exit 255
;; ;;
esac esac