🧹 Improving openssl policy (#393)

Signed-off-by: Hossein Rouhani <[email protected]>
mondoohq · May 10, 2024 · 062bf10 · 062bf10
1 parent a2a4785
commit 062bf10
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/core/mondoo-openssl-vulnerability.mql.yaml b/core/mondoo-openssl-vulnerability.mql.yaml
@@ -56,7 +56,9 @@ queries:
   - uid: mondoo-openssl-vulnerability
     title: Ensure vulnerable OpenSSL version 3.0.0 - 3.0.6 are not installed
     impact: 100
-    mql: packages.where(name == /ssl/).all( version != /3.0.[0123456]/ )
+    mql: |
+      semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first)  < semver("3.0.0") ||
+        semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first)  > semver("3.0.6")
     docs:
       desc: |
         The OpenSSL Project released a security fix (OpenSSL version 3.0.7) for a new-and-disclosed CVE-2022-3602 and CVE-2022-3786 on Tuesday, November 1, 2022. This CVE is categorized as "HIGH" and affects OpenSSL versions from 3.0.0 to 3.0.6.
@@ -76,7 +78,8 @@ queries:
         3. Run this query:
 
         ```mql
-        packages.where(name == /ssl/).all( version != /3.0.[0123456]/ )
+        semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first)  < semver("3.0.0") ||
+          semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first)  > semver("3.0.6")
         ```
 
         Example output