feat(checker): add libsixel checker (#5225)

Signed-off-by: Fabrice Fontaine <[email protected]>

Author: ffontaine

cve_bin_tool/checkers/__init__.py

@@ -222,6 +222,7 @@
     "librsync",
     "libsamplerate",
     "libseccomp",
+    "libsixel",
     "libsndfile",
     "libsolv",
     "libsoup",

cve_bin_tool/checkers/libsixel.py

@@ -0,0 +1,20 @@
+# Copyright (C) 2025 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+
+"""
+CVE checker for libsixel
+
+https://www.cvedetails.com/product/48608/Libsixel-Project-Libsixel.html?vendor_id=19024
+
+"""
+from __future__ import annotations
+
+from cve_bin_tool.checkers import Checker
+
+
+class LibsixelChecker(Checker):
+    CONTAINS_PATTERNS: list[str] = []
+    FILENAME_PATTERNS: list[str] = []
+    VERSION_PATTERNS = [r"sixel[a-z0-9 ]*([0-9]+\.[0-9]+\.[0-9]+)"]
+    VENDOR_PRODUCT = [("libsixel_project", "libsixel")]

test/condensed-downloads/libsixel-bin_1.8.6-2_s390x.deb.tar.gz

@@ -0,0 +1,27 @@
+# Copyright (C) 2025 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+mapping_test_data = [
+    {"product": "libsixel", "version": "1.8.6", "version_strings": ["sixel 1.8.6"]}
+]
+package_test_data = [
+    {
+        "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/l/",
+        "package_name": "libsixel-utils-1.10.5-2.fc43.aarch64.rpm",
+        "product": "libsixel",
+        "version": "1.10.5",
+    },
+    {
+        "url": "http://ftp.debian.org/debian/pool/main/libs/libsixel/",
+        "package_name": "libsixel-bin_1.8.6-2_s390x.deb",
+        "product": "libsixel",
+        "version": "1.8.6",
+    },
+    {
+        "url": "https://dl-cdn.alpinelinux.org/alpine/v3.19/community/x86_64/",
+        "package_name": "libsixel-tools-1.10.3_git20221121-r2.apk",
+        "product": "libsixel",
+        "version": "1.10.3",
+        "other_products": ["gcc"],
+    },
+]