From be789bcab8efd80fea876db73c9ce334755f4eb4 Mon Sep 17 00:00:00 2001
From: Olivier Mehani <shtrom@ssji.net>
Date: Tue, 25 Apr 2017 11:04:48 +1000
Subject: [PATCH 1/3] [system/debsecan] Count unique CVEs

Signed-off-by: Olivier Mehani <shtrom@ssji.net>
---
 plugins/debian/debsecan  | 148 +------------------------------
 plugins/debian/debsecan_ | 183 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 184 insertions(+), 147 deletions(-)
 mode change 100755 => 120000 plugins/debian/debsecan
 create mode 100755 plugins/debian/debsecan_

diff --git a/plugins/debian/debsecan b/plugins/debian/debsecan
deleted file mode 100755
index 66bb0b4e..00000000
--- a/plugins/debian/debsecan
+++ /dev/null
@@ -1,147 +0,0 @@
-#!/bin/sh
-
-: << =cut
-
-=head1 NAME
-
-debsecan - Plugin to monitor the number of CVE vulnerabilities present on a Debian
-system (using debsecan). Might work on other distib, who knows...
-
-=head1 CONFIGURATION
-
-    [debsecan]
-    env.suite jessie
-    env.fixed_warn 1
-    env.fixed_critical 1000
-    env.remote_warn 1
-    env.remote_critical 10
-
-=head1 AUTHORS
-
-* Nicolas BOUTHORS <nbouthors@nbi.fr> http://nbi.fr/, Inspiration of the moment 10/10/2007
-* Olivier Mehani <shtrom+munin@ssji.net>, 2016
-
-=head1 LICENSE
-
-Public Domain
-
-=head1 MAGIC MARKERS
-
-%# family=auto
-%# capabilities=autoconf
-
-=cut
-
-# Auto enable if we have debsecan only
-if [ "$1" = "autoconf" ] ; then
-  if [ -x /usr/bin/debsecan ]; then
-    echo yes
-  else
-    echo 'no (/usr/bin/debsecan not found)'
-  fi
-  exit 0
-fi
-
-# Fail if we don't have debsecan
-if [ ! -x /usr/bin/debsecan ]; then
-  echo 'error: /usr/bin/debsecan not found' >&2
-  exit 1
-fi
-
-# Determine suite from filename...
-SUITE=$(echo "$0" | sed 's/.*_//')
-if [ "${SUITE}" = "${0}" ]; then
-	# ...or fall back onto configuration in environment
-	SUITE=${suite:-sid}
-fi
-FIXEDWARN=${fixed_warning:-1}
-FIXEDCRIT=${fixed_critical:-1000}
-REMOTEWARN=${remote_warning:-1}
-REMOTECRIT=${remote_critical:-10}
-
-if [ "$1" = "config" ] ; then
-  cat <<EOF_
-graph_title DebSecan : vulnerabilities for ${SUITE}
-graph_args -l 0 --base 1000
-graph_vlabel number of CVE
-graph_category security
-graph_period second
-graph_info This graph show the number of known vulnerabilities present on your system. Use debsecan to see details.
-remote.label remote
-remote.colour FF0000
-remote.type GAUGE
-remote.draw AREASTACK
-remote.min 0
-remote.info The number of remotely exploitable CVEs with any priority
-remote.warning ${REMOTEWARN}
-remote.critical ${REMOTECRIT}
-high.label high
-high.colour DD2200
-high.type GAUGE
-high.draw AREASTACK
-high.min 0
-high.info The number of CVEs marked high priority
-medium.label medium
-medium.colour FFAA00
-medium.type GAUGE
-medium.draw AREASTACK
-medium.min 0
-medium.info The number of CVEs marked medium priority
-low.label low
-low.colour 0000FF
-low.type GAUGE
-low.draw AREASTACK
-low.min 0
-low.info The number of CVEs marked low priority
-other.label other
-other.colour 00AAFF
-other.type GAUGE
-other.draw AREASTACK
-other.min 0
-other.info The number of CVEs with unspecified priority
-fixed.label fixed
-fixed.type GAUGE
-fixed.draw LINE2
-fixed.min 0
-fixed.info The number of CVEs fixed by available updates
-fixed.warning ${FIXEDWARN}
-fixed.critical ${FIXEDCRIT}
-EOF_
-  exit 0
-fi
-
-ALL=$(debsecan --suite "${SUITE}" 2> /dev/null)
-REMOTE=$(echo "$ALL" | grep 'remotely')
-NONREMOTE=$(echo "$ALL" | grep -v 'remotely')
-
-HIGH=$(echo "${NONREMOTE}" | grep 'high urgency')
-MEDIUM=$(echo "${NONREMOTE}" | grep 'medium urgency')
-LOW=$(echo "${NONREMOTE}" | grep 'low urgency')
-OTHER=$(echo "${NONREMOTE}" | grep -v 'urgency')
-FIXED=$(echo "${ALL}" | grep '(fixed')
-
-remote_count=$(echo "${REMOTE}" | wc -l)
-high_count=$(echo "${HIGH}" | wc -l)
-medium_count=$(echo "${MEDIUM}" | wc -l)
-low_count=$(echo "${LOW}" | wc -l)
-other_count=$(echo "${OTHER}" | wc -l)
-fixed_count=$(echo "${FIXED}" | wc -l)
-
-CVECOUNTRE="s/^ *\([0-9]\+\) \+\([^ ]\+\)/\2 (\1)/"
-
-# shellcheck disable=SC2005 disable=SC2046
-# The nested $(echo ...)s are needed to yet the newlines
-cat <<EOF
-remote.value $remote_count
-remote.extinfo $(echo $(echo "${REMOTE}" | cut -f 2 -d " "| uniq -c | sort -nr | sed "${CVECOUNTRE}"))
-high.value $high_count
-high.extinfo $(echo $(echo "${HIGH}" | cut -f 2 -d " " | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
-medium.value $medium_count
-medium.extinfo $(echo $(echo "${MEDIUM}" | cut -f 2 -d " " | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
-low.value $low_count
-low.extinfo $(echo $(echo "${LOW}" | cut -f 2 -d " " | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
-other.value $other_count
-other.extinfo $(echo $(echo "${OTHER}" | cut -f 2 -d " " | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
-fixed.value $fixed_count
-fixed.extinfo $(echo $(echo "${FIXED}" | cut -f 2 -d " " | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
-EOF
diff --git a/plugins/debian/debsecan b/plugins/debian/debsecan
new file mode 120000
index 00000000..857e9537
--- /dev/null
+++ b/plugins/debian/debsecan
@@ -0,0 +1 @@
+debsecan_
\ No newline at end of file
diff --git a/plugins/debian/debsecan_ b/plugins/debian/debsecan_
new file mode 100755
index 00000000..6b1f69e5
--- /dev/null
+++ b/plugins/debian/debsecan_
@@ -0,0 +1,183 @@
+#!/bin/sh
+
+: << =cut
+
+=head1 NAME
+
+debsecan - Plugin to monitor the number of CVE vulnerabilities present on a Debian-ish
+system (using debsecan). This plugin can either report the sum of vulnerabilities present in each packages ('pkg' mode, default), or the number of unique CVEs affecting the system ('cve' mode).
+
+The 'cve' mode is a better indication of the risk level of the system (as
+multiple packages with the same vulnerable source get counted repeatedly), but
+the 'pkg' provides valuable information to identify packages with high number
+of vulnerabilities that should be considered for deletion.
+
+Simply symlink this plugin into your Munin plugins directory as
+- debsecan_pkg (the extra_info will list the number of CVE affecting each package)
+- debsecan_cve (the extra_info will list the number of packages affected by each CVE)
+
+For backward compatibility, a symlink without a mode will default to 'pkg'.
+
+=head1 CONFIGURATION
+
+The default configuration is as follows.
+
+    [debsecan]
+    env.suite jessie
+    env.fixed_warn 1
+    env.fixed_critical 1000
+    env.remote_warn 1
+    env.remote_critical 10
+
+The name of the group needs to match the name of the symlink to be applied.
+Shell globbing patterns are allowed.
+
+=head1 AUTHORS
+
+* Nicolas BOUTHORS <nbouthors@nbi.fr> http://nbi.fr/, Inspiration of the moment 10/10/2007
+* Olivier Mehani <shtrom+munin@ssji.net>, 2016
+
+=head1 LICENSE
+
+Public Domain
+
+=head1 MAGIC MARKERS
+
+%# family=auto
+%# capabilities=autoconf
+
+=cut
+
+# Auto enable if we have debsecan only
+if [ "$1" = "autoconf" ] ; then
+  if [ -x /usr/bin/debsecan ]; then
+    echo yes
+  else
+    echo 'no (/usr/bin/debsecan not found)'
+  fi
+  exit 0
+fi
+
+# Fail if we don't have debsecan
+if [ ! -x /usr/bin/debsecan ]; then
+  echo 'error: /usr/bin/debsecan not found' >&2
+  exit 1
+fi
+
+SUITE=${suite:-sid}
+FIXEDWARN=${fixed_warning:-1}
+FIXEDCRIT=${fixed_critical:-1000}
+REMOTEWARN=${remote_warning:-1}
+REMOTECRIT=${remote_critical:-10}
+
+MODE=$(echo "$0" | sed 's/.*_//')
+case "${MODE}" in
+	'cve')
+		TITLE_ADD="unique "
+		CUT_FIELD=1
+		;;
+	'pkg' | *)
+		TITLE_ADD="package "
+		CUT_FIELD=2
+		;;
+esac
+
+if [ "$1" = "config" ] ; then
+  cat <<EOF_
+graph_title DebSecan : ${TITLE_ADD}vulnerabilities for ${SUITE}
+graph_args -l 0 --base 1000
+graph_vlabel number of CVE
+graph_category system
+graph_period second
+graph_info This graph show the number of known ${TITLE_ADD}vulnerabilities present on your system. Use debsecan to see details.
+remote.label remote
+remote.colour FF0000
+remote.type GAUGE
+remote.draw AREASTACK
+remote.min 0
+remote.info The number of ${TITLE_ADD}remotely exploitable CVEs with any priority
+remote.warning ${REMOTEWARN}
+remote.critical ${REMOTECRIT}
+high.label high
+high.colour DD2200
+high.type GAUGE
+high.draw AREASTACK
+high.min 0
+high.info The number of ${TITLE_ADD}CVEs marked high priority
+medium.label medium
+medium.colour FFAA00
+medium.type GAUGE
+medium.draw AREASTACK
+medium.min 0
+medium.info The number of ${TITLE_ADD}CVEs marked medium priority
+low.label low
+low.colour 0000FF
+low.type GAUGE
+low.draw AREASTACK
+low.min 0
+low.info The number of ${TITLE_ADD}CVEs marked low priority
+other.label other
+other.colour 00AAFF
+other.type GAUGE
+other.draw AREASTACK
+other.min 0
+other.info The number of ${TITLE_ADD}CVEs with unspecified priority
+fixed.label fixed
+fixed.type GAUGE
+fixed.draw LINE2
+fixed.min 0
+fixed.info The number of ${TITLE_ADD}CVEs fixed by available updates
+fixed.warning ${FIXEDWARN}
+fixed.critical ${FIXEDCRIT}
+EOF_
+  exit 0
+fi
+
+ALL=$(debsecan --suite "${SUITE}" 2> /dev/null)
+REMOTE=$(echo "$ALL" | grep 'remotely')
+NONREMOTE=$(echo "$ALL" | grep -v 'remotely')
+
+HIGH=$(echo "${NONREMOTE}" | grep 'high urgency')
+MEDIUM=$(echo "${NONREMOTE}" | grep 'medium urgency')
+LOW=$(echo "${NONREMOTE}" | grep 'low urgency')
+OTHER=$(echo "${NONREMOTE}" | grep -v 'urgency')
+FIXED=$(echo "${ALL}" | grep '(fixed')
+
+case "${MODE}" in
+	'cve')
+		remote_count=$(echo "${REMOTE}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		high_count=$(echo "${HIGH}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		medium_count=$(echo "${MEDIUM}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		low_count=$(echo "${LOW}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		other_count=$(echo "${OTHER}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		fixed_count=$(echo "${FIXED}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		;;
+	'pkg' | *)
+		remote_count=$(echo "${REMOTE}" | wc -l)
+		high_count=$(echo "${HIGH}" | wc -l)
+		medium_count=$(echo "${MEDIUM}" | wc -l)
+		low_count=$(echo "${LOW}" | wc -l)
+		other_count=$(echo "${OTHER}" | wc -l)
+		fixed_count=$(echo "${FIXED}" | wc -l)
+		;;
+esac
+
+# Reformat the output of the cut|sort|uniq... to a more human-friendly "item (count)" format
+CVECOUNTRE="s/^ *\([0-9]\+\) \+\([^ ]\+\)/\2 (\1)/"
+
+# shellcheck disable=SC2005 disable=SC2046
+# The nested $(echo ...)s are needed to yet the newlines
+cat <<EOF
+remote.value $remote_count
+remote.extinfo $(echo $(echo "${REMOTE}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+high.value $high_count
+high.extinfo $(echo $(echo "${HIGH}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+medium.value $medium_count
+medium.extinfo $(echo $(echo "${MEDIUM}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+low.value $low_count
+low.extinfo $(echo $(echo "${LOW}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+other.value $other_count
+other.extinfo $(echo $(echo "${OTHER}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+fixed.value $fixed_count
+fixed.extinfo $(echo $(echo "${FIXED}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+EOF

From 75a476c2a7164f1f6e172d65f7a53e4ea37c7e67 Mon Sep 17 00:00:00 2001
From: Olivier Mehani <shtrom@ssji.net>
Date: Wed, 26 Apr 2017 21:42:47 +1000
Subject: [PATCH 2/3] [debian/debsecan_] Code cleanup

Signed-off-by: Olivier Mehani <shtrom@ssji.net>
---
 plugins/debian/debsecan_ | 50 ++++++++++++++++++++++------------------
 1 file changed, 28 insertions(+), 22 deletions(-)

diff --git a/plugins/debian/debsecan_ b/plugins/debian/debsecan_
index 6b1f69e5..b563116b 100755
--- a/plugins/debian/debsecan_
+++ b/plugins/debian/debsecan_
@@ -74,17 +74,17 @@ MODE=$(echo "$0" | sed 's/.*_//')
 case "${MODE}" in
 	'cve')
 		TITLE_ADD="unique "
-		CUT_FIELD=1
+		FIELD=1
 		;;
 	'pkg' | *)
 		TITLE_ADD="package "
-		CUT_FIELD=2
+		FIELD=2
 		;;
 esac
 
 if [ "$1" = "config" ] ; then
   cat <<EOF_
-graph_title DebSecan : ${TITLE_ADD}vulnerabilities for ${SUITE}
+graph_title DebSecan: ${TITLE_ADD}vulnerabilities for ${SUITE}
 graph_args -l 0 --base 1000
 graph_vlabel number of CVE
 graph_category system
@@ -134,23 +134,29 @@ EOF_
 fi
 
 ALL=$(debsecan --suite "${SUITE}" 2> /dev/null)
-REMOTE=$(echo "$ALL" | grep 'remotely')
-NONREMOTE=$(echo "$ALL" | grep -v 'remotely')
+REMOTE=$(echo "$ALL" | grep -w 'remotely')
+NONREMOTE=$(echo "$ALL" | grep -wv 'remotely')
 
-HIGH=$(echo "${NONREMOTE}" | grep 'high urgency')
-MEDIUM=$(echo "${NONREMOTE}" | grep 'medium urgency')
-LOW=$(echo "${NONREMOTE}" | grep 'low urgency')
-OTHER=$(echo "${NONREMOTE}" | grep -v 'urgency')
-FIXED=$(echo "${ALL}" | grep '(fixed')
+HIGH=$(echo "${NONREMOTE}" | grep -w 'high urgency')
+MEDIUM=$(echo "${NONREMOTE}" | grep -w 'medium urgency')
+LOW=$(echo "${NONREMOTE}" | grep -w 'low urgency')
+OTHER=$(echo "${NONREMOTE}" | grep -wv 'urgency')
+FIXED=$(echo "${ALL}" | grep -w '(fixed')
+
+# Arguments: Field offset to aggregate by
+count_entries() {
+	CUT_FIELD=${1}
+	cut -f "${CUT_FIELD}" -d " "| sort | uniq -c
+}
 
 case "${MODE}" in
 	'cve')
-		remote_count=$(echo "${REMOTE}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
-		high_count=$(echo "${HIGH}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
-		medium_count=$(echo "${MEDIUM}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
-		low_count=$(echo "${LOW}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
-		other_count=$(echo "${OTHER}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
-		fixed_count=$(echo "${FIXED}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq | wc -l)
+		remote_count=$(echo "${REMOTE}" | count_entries ${FIELD} | wc -l)
+		high_count=$(echo "${HIGH}" | count_entries ${FIELD} | wc -l)
+		medium_count=$(echo "${MEDIUM}" | count_entries ${FIELD} | wc -l)
+		low_count=$(echo "${LOW}" | count_entries ${FIELD} | wc -l)
+		other_count=$(echo "${OTHER}" | count_entries ${FIELD} | wc -l)
+		fixed_count=$(echo "${FIXED}" | count_entries ${FIELD} | wc -l)
 		;;
 	'pkg' | *)
 		remote_count=$(echo "${REMOTE}" | wc -l)
@@ -169,15 +175,15 @@ CVECOUNTRE="s/^ *\([0-9]\+\) \+\([^ ]\+\)/\2 (\1)/"
 # The nested $(echo ...)s are needed to yet the newlines
 cat <<EOF
 remote.value $remote_count
-remote.extinfo $(echo $(echo "${REMOTE}" | cut -f "${CUT_FIELD}" -d " "| sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+remote.extinfo $(echo $(echo "${REMOTE}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
 high.value $high_count
-high.extinfo $(echo $(echo "${HIGH}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+high.extinfo $(echo $(echo "${HIGH}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
 medium.value $medium_count
-medium.extinfo $(echo $(echo "${MEDIUM}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+medium.extinfo $(echo $(echo "${MEDIUM}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
 low.value $low_count
-low.extinfo $(echo $(echo "${LOW}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+low.extinfo $(echo $(echo "${LOW}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
 other.value $other_count
-other.extinfo $(echo $(echo "${OTHER}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+other.extinfo $(echo $(echo "${OTHER}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
 fixed.value $fixed_count
-fixed.extinfo $(echo $(echo "${FIXED}" | cut -f "${CUT_FIELD}" -d " " | sort | uniq -c | sort -nr | sed "${CVECOUNTRE}"))
+fixed.extinfo $(echo $(echo "${FIXED}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
 EOF

From b2d742b2439a3c57ae0d0199d9628d52f2191d18 Mon Sep 17 00:00:00 2001
From: Olivier Mehani <shtrom@ssji.net>
Date: Thu, 27 Apr 2017 12:17:13 +1000
Subject: [PATCH 3/3] [debian/debsecan_] Quote stragglers

Signed-off-by: Olivier Mehani <shtrom@ssji.net>
---
 plugins/debian/debsecan_ | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/plugins/debian/debsecan_ b/plugins/debian/debsecan_
index b563116b..a3a381b4 100755
--- a/plugins/debian/debsecan_
+++ b/plugins/debian/debsecan_
@@ -145,18 +145,18 @@ FIXED=$(echo "${ALL}" | grep -w '(fixed')
 
 # Arguments: Field offset to aggregate by
 count_entries() {
-	CUT_FIELD=${1}
+	CUT_FIELD="${1}"
 	cut -f "${CUT_FIELD}" -d " "| sort | uniq -c
 }
 
 case "${MODE}" in
 	'cve')
-		remote_count=$(echo "${REMOTE}" | count_entries ${FIELD} | wc -l)
-		high_count=$(echo "${HIGH}" | count_entries ${FIELD} | wc -l)
-		medium_count=$(echo "${MEDIUM}" | count_entries ${FIELD} | wc -l)
-		low_count=$(echo "${LOW}" | count_entries ${FIELD} | wc -l)
-		other_count=$(echo "${OTHER}" | count_entries ${FIELD} | wc -l)
-		fixed_count=$(echo "${FIXED}" | count_entries ${FIELD} | wc -l)
+		remote_count=$(echo "${REMOTE}" | count_entries "${FIELD}" | wc -l)
+		high_count=$(echo "${HIGH}" | count_entries "${FIELD}" | wc -l)
+		medium_count=$(echo "${MEDIUM}" | count_entries "${FIELD}" | wc -l)
+		low_count=$(echo "${LOW}" | count_entries "${FIELD}" | wc -l)
+		other_count=$(echo "${OTHER}" | count_entries "${FIELD}" | wc -l)
+		fixed_count=$(echo "${FIXED}" | count_entries "${FIELD}" | wc -l)
 		;;
 	'pkg' | *)
 		remote_count=$(echo "${REMOTE}" | wc -l)
@@ -175,15 +175,15 @@ CVECOUNTRE="s/^ *\([0-9]\+\) \+\([^ ]\+\)/\2 (\1)/"
 # The nested $(echo ...)s are needed to yet the newlines
 cat <<EOF
 remote.value $remote_count
-remote.extinfo $(echo $(echo "${REMOTE}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
+remote.extinfo $(echo $(echo "${REMOTE}" | count_entries "${FIELD}" | sort -nr | sed "${CVECOUNTRE}"))
 high.value $high_count
-high.extinfo $(echo $(echo "${HIGH}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
+high.extinfo $(echo $(echo "${HIGH}" | count_entries "${FIELD}" | sort -nr | sed "${CVECOUNTRE}"))
 medium.value $medium_count
-medium.extinfo $(echo $(echo "${MEDIUM}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
+medium.extinfo $(echo $(echo "${MEDIUM}" | count_entries "${FIELD}" | sort -nr | sed "${CVECOUNTRE}"))
 low.value $low_count
-low.extinfo $(echo $(echo "${LOW}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
+low.extinfo $(echo $(echo "${LOW}" | count_entries "${FIELD}" | sort -nr | sed "${CVECOUNTRE}"))
 other.value $other_count
-other.extinfo $(echo $(echo "${OTHER}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
+other.extinfo $(echo $(echo "${OTHER}" | count_entries "${FIELD}" | sort -nr | sed "${CVECOUNTRE}"))
 fixed.value $fixed_count
-fixed.extinfo $(echo $(echo "${FIXED}" | count_entries ${FIELD} | sort -nr | sed "${CVECOUNTRE}"))
+fixed.extinfo $(echo $(echo "${FIXED}" | count_entries "${FIELD}" | sort -nr | sed "${CVECOUNTRE}"))
 EOF