Add checker librsvg

.github/actions/spelling/allow.txt

@@ -180,6 +180,7 @@ liblas
 libnss
 libpng
 libraryname
+librsvg
 libsndfile
 libsoup
 libsqlite

cve_bin_tool/checkers/__init__.py

@@ -60,6 +60,7 @@
     "libjpeg_turbo",
     "liblas",
     "libnss",
+    "librsvg",
     "libsndfile",
     "libsoup",
     "libssh2",

cve_bin_tool/checkers/librsvg.py

@@ -0,0 +1,16 @@
+# Copyright (C) 2022 Intel Corporation
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+"""
+CVE checker for librsvg
+
+https://www.cvedetails.com/product/23082/Gnome-Librsvg.html?vendor_id=283
+"""
+from cve_bin_tool.checkers import Checker
+
+
+class LibrsvgChecker(Checker):
+    CONTAINS_PATTERNS = []
+    FILENAME_PATTERNS = [r"librsvg"]
+    VERSION_PATTERNS = [r"librsvg[0-9]?([0-9]+\.[0-99]+\.[0-99]+)"]
+    VENDOR_PRODUCT = [("gnome", "librsvg")]

doc/MANUAL.md

@@ -115,23 +115,23 @@ which is useful if you're trying the latest code from
 
 <!--CHECKERS TABLE BEGIN-->
 |   |  |  | Available checkers |  |  |  |
-|--------------- |------------- |--------- |---------- |------------- |------------ |--------------- |
+|--------------- |--------- |------------- |---------- |------------- |---------- |------------ |
 | accountsservice |avahi |bash |bind |binutils |bolt |bubblewrap |
 | busybox |bzip2 |cronie |cryptsetup |cups |curl |dbus |
 | dnsmasq |dovecot |dpkg |enscript |expat |ffmpeg |freeradius |
 | ftp |gcc |gimp |glibc |gnomeshell |gnupg |gnutls |
 | gpgme |gstreamer |gupnp |haproxy |hdf5 |hostapd |hunspell |
 | icecast |icu |irssi |kbd |kerberos |kexectools |libarchive |
 | libbpg |libdb |libgcrypt |libical |libjpeg_turbo |liblas |libnss |
-| libsndfile |libsoup |libssh2 |libtiff |libvirt |libvncserver |libxslt |
-| lighttpd |logrotate |lua |mariadb |mdadm |memcached |mtr |
-| mysql |nano |ncurses |nessus |netpbm |nginx |node |
-| ntp |open_vm_tools |openafs |openjpeg |openldap |openssh |openssl |
-| openswan |openvpn |p7zip |pcsc_lite |pigz |png |polarssl_fedora |
-| poppler |postgresql |pspp |python |qt |radare2 |rsyslog |
-| samba |sane_backends |sqlite |strongswan |subversion |sudo |syslogng |
-| systemd |tcpdump |trousers |varnish |webkitgtk |wireshark |wpa_supplicant |
-| xerces |xml2 |zlib |zsh | | | |
+| libsndfile |libsoup |libsrtp |libssh2 |libtiff |libvirt |libvncserver |
+| libxslt |lighttpd |logrotate |lua |mariadb |mdadm |memcached |
+| mtr |mysql |nano |ncurses |nessus |netpbm |nginx |
+| node |ntp |open_vm_tools |openafs |openjpeg |openldap |openssh |
+| openssl |openswan |openvpn |p7zip |pcsc_lite |pigz |png |
+| polarssl_fedora |poppler |postgresql |pspp |python |qt |radare2 |
+| rsyslog |samba |sane_backends |sqlite |strongswan |subversion |sudo |
+| syslogng |systemd |tcpdump |trousers |varnish |webkitgtk |wireshark |
+| wpa_supplicant |xerces |xml2 |zlib |zsh | | |
 <!--CHECKERS TABLE END-->
 
 For a quick overview of usage and how it works, you can also see [the readme file](README.md).
@@ -215,7 +215,7 @@ in the Input section.
 ## Limitations
 
 The last release of this tool to support python 2.7 is 0.3.1.  Please use
-python 3.6+ for development and future versions.  Linux and Windows are
+python 3.7+ for development and future versions.  Linux and Windows are
 supported, as is usage within cygwin on windows.
 
 This tool does not scan for all possible known public vulnerabilities, it only

test/test_data/librsvg.py

@@ -0,0 +1,18 @@
+# Copyright (C) 2022 Intel Corporation
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+mapping_test_data = [
+    {
+        "product": "librsvg2",
+        "version": "2.40.20",
+        "version_strings": ["librsvg-2.so.2.40.20"],
+    },
+]
+package_test_data = [
+    {
+        "url": "http://mirror.centos.org/altarch/7/os/aarch64/Packages/",
+        "package_name": "librsvg2-2.40.20-1.el7.aarch64.rpm",
+        "product": "librsvg2",
+        "version": "2.40.20",
+    },
+]