From 0028dcf7c5067b4ba963f2f7ec9937c205ba6321 Mon Sep 17 00:00:00 2001
From: m-1-k-3 <m1k3@s3cur1ty.de>
Date: Tue, 22 Oct 2024 09:31:19 +0200
Subject: [PATCH] fix update check

---
 helpers/helpers_emba_dependency_check.sh   | 7 ++++---
 modules/S06_distribution_identification.sh | 3 ++-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/helpers/helpers_emba_dependency_check.sh b/helpers/helpers_emba_dependency_check.sh
index 50d2619f3..21644687e 100755
--- a/helpers/helpers_emba_dependency_check.sh
+++ b/helpers/helpers_emba_dependency_check.sh
@@ -133,7 +133,7 @@ check_nvd_db() {
   local REMOTE_HASH="${1:-}"
   local LOCAL_HASH=""
   if [[ -d "${EXT_DIR}"/nvd-json-data-feeds ]] ; then
-    LOCAL_HASH="$(head -c 8 "${EXT_DIR}"/nvd-json-data-feeds/.git/refs/heads/main)"
+    LOCAL_HASH="$(head "${EXT_DIR}"/nvd-json-data-feeds/.git/refs/heads/main)"
 
     if [[ "${REMOTE_HASH}" == "${LOCAL_HASH}" ]]; then
       echo -e "    CVE database version - ${GREEN}ok${NC}"
@@ -147,7 +147,7 @@ check_epss_db() {
   local REMOTE_HASH="${1:-}"
   local LOCAL_HASH=""
   if [[ -d "${EXT_DIR}"/EPSS-data ]] ; then
-    LOCAL_HASH="$(head -c 8 "${EXT_DIR}"/EPSS-data/.git/refs/heads/main)"
+    LOCAL_HASH="$(head "${EXT_DIR}"/EPSS-data/.git/refs/heads/main)"
 
     if [[ "${REMOTE_HASH}" == "${LOCAL_HASH}" ]]; then
       echo -e "    EPSS database version - ${GREEN}ok${NC}"
@@ -161,7 +161,8 @@ check_git_hash() {
   local REMOTE_HASH="${1:-}"
   local LOCAL_HASH=""
   if git rev-parse --is-inside-work-tree >/dev/null 2>&1 ; then
-    LOCAL_HASH="$(git describe --always)"
+    LOCAL_HASH="$(head .git/refs/heads/master)"
+    # LOCAL_HASH="$(git describe --always)"
 
     if [[ "${REMOTE_HASH}" == "${LOCAL_HASH}" ]]; then
       echo -e "    EMBA github version - ${GREEN}ok${NC}"
diff --git a/modules/S06_distribution_identification.sh b/modules/S06_distribution_identification.sh
index 7a4f52fa5..ef6bd80e9 100755
--- a/modules/S06_distribution_identification.sh
+++ b/modules/S06_distribution_identification.sh
@@ -48,9 +48,10 @@ S06_distribution_identification()
       lSEARCH_FILE="$(safe_echo "${CONFIG}" | cut -d\; -f2)"
       # echo "lSEARCH_FILE: $lSEARCH_FILE"
       # echo "FIRMWARE_PATH: $FIRMWARE_PATH"
-      if [[ "${lSEARCH_FILE}" == *"os_release"* ]] || [[ "${lSEARCH_FILE}" == *"lsb-release"* ]]; then
+      if [[ "${lSEARCH_FILE}" == *"os-release"* ]] || [[ "${lSEARCH_FILE}" == *"lsb-release"* ]]; then
         # lets check if we have already a valid debian entry -> if so, we can skip this test
         # this usually happens if we have already found an os_release or lsb-release file
+        # echo "Check for debian - os_release / lsb-release"
         if grep -qE "debian_linux:[0-9]+" "${S06_CSV_LOG}"; then
           print_output "[*] Already identified Debian Linux version -> skipping further tests now" "no_log"
           continue