From 062bf105e34e107a73f33975645ddceb71f7d9ee Mon Sep 17 00:00:00 2001
From: Hossein Rouhani <56231339+HRouhani@users.noreply.github.com>
Date: Fri, 10 May 2024 16:41:21 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20=20Improving=20openssl=20policy?= =?UTF-8?q?(#393)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Hossein Rouhani
---
 core/mondoo-openssl-vulnerability.mql.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/core/mondoo-openssl-vulnerability.mql.yaml b/core/mondoo-openssl-vulnerability.mql.yaml
index 472a188c..60f35a3b 100644
--- a/core/mondoo-openssl-vulnerability.mql.yaml
+++ b/core/mondoo-openssl-vulnerability.mql.yaml
@@ -56,7 +56,9 @@ queries:
 - uid: mondoo-openssl-vulnerability
 title: Ensure vulnerable OpenSSL version 3.0.0 - 3.0.6 are not installed
 impact: 100
- mql: packages.where(name == /ssl/).all( version != /3.0.[0123456]/ )
+ mql: |
+ semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first) < semver("3.0.0") ||
+ semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first) > semver("3.0.6")
 docs:
 desc: |
 The OpenSSL Project released a security fix (OpenSSL version 3.0.7) for a new-and-disclosed CVE-2022-3602 and CVE-2022-3786 on Tuesday, November 1, 2022. This CVE is categorized as "HIGH" and affects OpenSSL versions from 3.0.0 to 3.0.6.
@@ -76,7 +78,8 @@ queries:
 3. Run this query:
 ```mql
- packages.where(name == /ssl/).all( version != /3.0.[0123456]/ )
+ semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first) < semver("3.0.0") ||
+ semver(package('openssl').version.find(/\d+\.\d+\.\d+/).first) > semver("3.0.6")
 ```
 Example output
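Review bot: The new `mql` check in the first hunk inspects only the package named `openssl`, whereas the query it replaces covered every package whose name matched `/ssl/`, so the detection scope is narrower. On distributions that package the library separately from the command-line tool (for example `libssl3`, `openssl-libs` or `libopenssl3`), a host could carry a 3.0.0–3.0.6 library and still pass. What the comparison evaluates to when `openssl` is not installed at all is not visible from this hunk. Consider keeping the collection form with an anchored name list and moving the semver test inside it, roughly `packages.where(name == /^(openssl|libssl3|openssl-libs|libopenssl3)$/).all(semver(version.find(/\d+\.\d+\.\d+/).first) < semver("3.0.0") || semver(version.find(/\d+\.\d+\.\d+/).first) > semver("3.0.6"))` (untested). The audit step in the second hunk repeats the same query text and would need the same change.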