Enforce unique OVAL IDs

CVS version numbers

english/security/oval/parseJSON2Oval.py: 1.3 -> 1.4 
english/security/oval/oval/definition/generator.py: 1.8 -> 1.9 
english/security/oval/oval/parser/dsa.py: 1.2 -> 1.3 
english/security/oval/oval/parser/wml.py: 1.2 -> 1.3

4 files changed, 13 insertions, 10 deletions

diff --git a/english/security/oval/oval/definition/generator.py b/english/security/oval/oval/definition/generator.py
index 0133c1d9614..4fcba433352 100644
--- a/english/security/oval/oval/definition/generator.py
+++ b/english/security/oval/oval/definition/generator.py
@@ -72,11 +72,8 @@ testsHash = {"arch" : {}, "release": {}, "obj": {}, "fileSte": {}, "unameSte" :
 #We need more info about alpha, arm, hppa, bmips, lmips
 unameArchTable = {'i386' : 'i686', 'amd64' : 'x86-64', 'ia64' : 'ia64', 'powerpc' : 'ppc', 's390' : 's390x', 'm86k' : 'm86k'} 
 
-def __trimzero (val):
-	value = val[:]
-	while value[0] == "0":
-		value = value[1:]
-	return value
+def getOvalId(cve):
+  return cve[3:].replace('-', '')
 
 def __getNewId (type):
 	"""Generate new unique id for tests, objects or states
@@ -433,12 +430,11 @@ def createDefinition (dsa, dsaref):
 	doc = xml.dom.minidom.Document ()
 	
 	### Definition block: Metadata, Notes, Criteria
-	### TODO: Replace DSA id with unique id
-	definition = __createXMLElement ("definition", attrs = {"id" : "oval:org.debian:def:%s" % __trimzero(dsa), "version" : "1", "class" : "vulnerability"})
+	definition = __createXMLElement ("definition", attrs = {"id" : "oval:org.debian:def:%s" % getOvalId(dsaref["description"]), "version" : "1", "class" : "vulnerability"})
 	
 	### Definition : Metadata : title, affected, reference, description ###
 	metadata = __createXMLElement ("metadata")
-	metadata.appendChild (__createXMLElement ("title", dsaref["description"]))
+	metadata.appendChild (__createXMLElement ("title", dsaref["title"]))
 
 	### Definition : Metadata : Affected : platform, product ###
 	affected = __createXMLElement ("affected", attrs = {"family" : "unix"})
diff --git a/english/security/oval/oval/parser/dsa.py b/english/security/oval/oval/parser/dsa.py
index a15f7d8d935..1ec9fb3b6d5 100644
--- a/english/security/oval/oval/parser/dsa.py
+++ b/english/security/oval/oval/parser/dsa.py
@@ -60,6 +60,13 @@ def parseFile (path):
 			normDate = lambda (date): "-".join([(len(p) > 1 and p or "0"+p) for p in date.split("-")])
 			data["date"] = normDate(date)
 		
+		descrpatern = re.compile (r'(CVE-\d+-\d+)')
+		result = descrpatern.search (line)
+		if result:
+			data["description"] = result.groups()[0]
+			logging.log(logging.DEBUG, "Extracted CVE ID: " + data["description"])
+			continue
+		
 		refspatern = re.compile (r'secrefs>(.*?)</define-tag>')
 		result = refspatern.search (line)
 		if result:
diff --git a/english/security/oval/oval/parser/wml.py b/english/security/oval/oval/parser/wml.py
index 7dd010fdc81..a3686bf514e 100644
--- a/english/security/oval/oval/parser/wml.py
+++ b/english/security/oval/oval/parser/wml.py
@@ -50,7 +50,7 @@ def parseFile (path):
 			descrpatern = re.compile (r'description>(.*?)</define-tag>')
 			result = descrpatern.search (line)
 			if result:
-				data["description"] = result.groups()[0]
+				data["actualDescription"] = result.groups()[0]
 				continue
 				
 			sinfopatern = re.compile (r'<define-tag moreinfo>(.*?)')
diff --git a/english/security/oval/parseJSON2Oval.py b/english/security/oval/parseJSON2Oval.py
index 44b5d1f5f08..c44d09012bf 100644
--- a/english/security/oval/parseJSON2Oval.py
+++ b/english/security/oval/parseJSON2Oval.py
@@ -66,7 +66,7 @@ def parseJSON(json_data, year):
 
                 # print json.dumps(json_data[package][CVE])
                 # sys.exit(1)
-                ovalId = CVE[3:].replace('-', '')
+                ovalId = oval.definition.generator.getOvalId(CVE)
                 dsaref.update({ovalId: {"packages": package,
                                         'description': CVE, # "title" element in XML
                                         'vulnerable': "yes",