diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-05 16:30:23 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-01-06 16:58:59 +0100 |
| commit | 0108d353dfb9edb01d7cf80d2c13b8115f4bb6c7 (patch) | |
| tree | ee31a3aed82d6ac850c4b80445ea96210ff6daa5 /bin | |
| parent | 0191d6dab32795188024bb6335afcc7eb3b190f1 (diff) | |
tracker_service: Fix generation of references for followup DSAs
As noted by Thomas Lange, incremented DSA references were as well
pointing to the unversioned DSA page, for instance
https://security-tracker.debian.org/tracker/DSA-5576-2 refers in it
source field https://www.debian.org/security/2023/dsa-5576 which will
redirect to the DSA-5576-1 announce mail.
Add logic to the url_dsa to only refer to the unversioned DSA reference
for the initial revision. Followups, either due to regression or
incomplete security fix will refer to the respective revision.
As potentially in a later change on debian-www side will make the
unversioned DSA entries refer to the latest mailinglist post about a
DSA, a followup commit might actually simplify the logic to always
generate the reference with the respective revision.
Reported-by: Thomas Lange <lange@cs.uni-koeln.de>
Link: https://lists.debian.org/debian-security/2024/01/msg00001.html
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Diffstat (limited to 'bin')
| -rwxr-xr-x | bin/tracker_service.py | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/bin/tracker_service.py b/bin/tracker_service.py index fd7718053b..71c9f83c8a 100755 --- a/bin/tracker_service.py +++ b/bin/tracker_service.py @@ -1548,16 +1548,20 @@ Debian bug number.'''), def url_web_search_bug(self, url, name): return url.absolute("https://duckduckgo.com/html", q='"%s"' % name) - def url_dsa(self, url, dsa, re_dsa=re.compile(r'^DSA-(\d+)(?:-\d+)?$')): + def url_dsa(self, url, dsa, re_dsa=re.compile(r'^DSA-(\d+)(-\d+)?$')): match = re_dsa.match(dsa) if match: + (number,revision) = match.groups() + if revision == "-1": + link = "dsa-%d" % int(number) + else: + link = dsa.lower() # We must determine the year because there is no generic URL. - (number,) = match.groups() for (date,) in self.db.cursor().execute( "SELECT release_date FROM bugs WHERE name = ?", (dsa,)): (y, m, d) = date.split('-') - return url.absolute("https://www.debian.org/security/%d/dsa-%d" - % (int(y), int(number))) + return url.absolute("https://www.debian.org/security/%d/%s" + % (int(y), link)) return None def url_dla(self, url, dla, re_dla=re.compile(r'^DLA-(\d+)(-\d+)?$')): |