Include DLA information if available

CVS version numbers english/security/oval/generate.py: 1.1 -> 1.2 english/security/oval/oval/definition/generator.py: 1.14 -> 1.15 english/security/oval/oval/parser/dsa.py: 1.6 -> 1.7 english/security/oval/oval/parser/wml.py: 1.7 -> 1.8
author: Sebastien Delafond <seb> 2016-07-19 09:55:14 +0000
committer: Sebastien Delafond <seb> 2016-07-19 09:55:14 +0000
commit: d5a2b752ea2bd498e0a2dde246506ea635a2087a (patch)
tree: fae11ac68299342f7e4f01d0dcfafc21bf4a0f83
parent: 419a9c37c5c0827bb99f20fc3b3bfa6e54469796 (diff)
4 files changed, 33 insertions, 37 deletions
diff --git a/english/security/oval/generate.py b/english/security/oval/generate.py
index 25a0115c32c..b1a6c33b965 100644
--- a/english/security/oval/generate.py
+++ b/english/security/oval/generate.py
@@ -13,6 +13,7 @@ import sys
 import logging
 import argparse
 import json
+import re
 from datetime import date
 import oval.definition.generator
 from oval.parser import dsa
@@ -38,7 +39,7 @@ def printdsas(ovals, year):
     ovalDefinitions = oval.definition.generator.createOVALDefinitions (ovals, year)
     oval.definition.generator.printOVALDefinitions (ovalDefinitions)
 
-def parsedirs (directory, postfix, depth):
+def parsedirs (directory, regex, depth):
   """ Recursive search directory for DSA files contain postfix in their names.
 
     For this files called oval.parser.dsa.parseFile() for extracting DSA information.
@@ -54,31 +55,43 @@ def parsedirs (directory, postfix, depth):
     
     path = "%s/%s" % (directory, fileName)
     
-    logging.log (logging.DEBUG, "Checking %s (for %s at %s)" % (fileName, postfix, depth))
+    logging.log (logging.DEBUG, "Checking %s (for %s at %s)" % (fileName, regex, depth))
     
     if os.access(path, os.R_OK) and os.path.isdir (path) and not os.path.islink (path) and fileName[0] != '.':
       logging.log(logging.DEBUG, "Entering directory " + path)
-      parsedirs (path, postfix, depth-1)
+      parsedirs (path, regex, depth-1)
 
     #Parse fileNames
-    if os.access(path, os.R_OK) and fileName.endswith(postfix) and fileName[0] != '.' and fileName[0] != '#':
-      result = dsa.parseFile (path)
+    if os.access(path, os.R_OK) and regex.search(fileName) and fileName[0] != '.' and fileName[0] != '#':
+      result = dsa.parseFile(path)
       if result:
-        if ovals.has_key (result[0]):
-          ovals[result[0]]["dsa"] = fileName[:-5].upper() # remove .data part
+        cve = result[0]
+        if ovals.has_key(cve):
           for (k, v) in result[1].iteritems():
-            ovals[result[0]][k] = v
+            ovals[cve][k] = v
         else:
-          ovals[result[0]] = result[1]
+          ovals[cve] = result[1]
 
+        dsaRef = fileName[:-5].upper() # remove .data part
+        
         # also parse corresponding wml file
         wmlResult = wml.parseFile(path.replace('.data', '.wml'), DEBIAN_VERSION)
         if wmlResult:
           data, releases = wmlResult
           for (k, v) in data.iteritems():
-            ovals[result[0]][k] = v
-          if not ovals[result[0]].get("release", None):
-            ovals[result[0]]['release']=releases
+            if k == "moreinfo":
+              if not "moreinfo" in ovals[cve]:
+                ovals[cve]["moreinfo"] = "\n"
+              # aggregate all advisories
+              ovals[cve][k] += "%s%s\n" % (dsaRef, v)
+            elif k in ('description'): # some keys shouldn't be clobbered
+              if not k in ovals[cve]:
+                ovals[cve][k] = v
+            else:
+              ovals[cve][k] = v
+          if not "release" in ovals[cve]:
+            ovals[cve]["release"] = {}
+          ovals[cve]['release'].update(releases)
 
   return 0
 
@@ -169,7 +182,8 @@ def main(args):
             os.remove(temp_file)
 
     parseJSON(json_data, year)
-    parsedirs(data_dir, '.data', 2)
+    parsedirs(data_dir, re.compile('^dsa.+\.data$'), 2)
+    parsedirs(data_dir, re.compile('^dla.+\.data$'), 2)
     logging.log(logging.INFO, "Finished parsing JSON data")
     printdsas(ovals, year)
 
diff --git a/english/security/oval/oval/definition/generator.py b/english/security/oval/oval/definition/generator.py
index 7eac06a77dc..f806f4987c2 100644
--- a/english/security/oval/oval/definition/generator.py
+++ b/english/security/oval/oval/definition/generator.py
@@ -428,11 +428,6 @@ def createDefinition (cve, oval):
     logging.log(logging.WARNING, "CVE %s: Moreinfo information missed." % cve)
     oval["moreinfo"] = ""
 
-  if not oval.has_key("dsa"):
-    logging.log(logging.WARNING, "CVE %s: DSA information missed." % cve)
-  elif oval["moreinfo"]:
-    oval["moreinfo"] = "\n%s%s" % (oval["dsa"], oval["moreinfo"])
-
   if not oval.has_key("secrefs"):
     logging.log(logging.WARNING, "CVE %s: Secrefs information missed." % cve)
     oval["secrefs"] = ""
diff --git a/english/security/oval/oval/parser/dsa.py b/english/security/oval/oval/parser/dsa.py
index eb31abd5ee7..ccd96d4c36e 100644
--- a/english/security/oval/oval/parser/dsa.py
+++ b/english/security/oval/oval/parser/dsa.py
@@ -39,14 +39,7 @@ def parseFile (path):
   
   filename = os.path.basename (path)
 
-  patern = re.compile(r'dsa-(\d+)')
-  result = patern.search(filename)
-  if result:
-    dsa = result.groups()[0]
-  else:
-    logging.log(logging.WARNING, "File %s does not look like a proper DSA, not checking" % filename)
-    return (None)
-
+  dsa = os.path.basename(path)[:-5]
   logging.log (logging.DEBUG, "Parsing DSA %s from file %s" % (dsa, filename))
 
   dsaFile = open(path)
diff --git a/english/security/oval/oval/parser/wml.py b/english/security/oval/oval/parser/wml.py
index 205a834e041..0af1b2e642f 100644
--- a/english/security/oval/oval/parser/wml.py
+++ b/english/security/oval/oval/parser/wml.py
@@ -32,21 +32,16 @@ def parseFile (path, debianVersion):
   deb_version = ""
   releases = {}
 
+  dsa = os.path.basename(path)[:-5]
   filename = os.path.basename (path)
 	
-  patern = re.compile(r'dsa-(\d+)')
-  result = patern.search(filename)
-  if result:
-    dsa = result.groups()[0]
-  else:
-    logging.log(logging.WARNING, "File %s does not look like a proper DSA wml description, not checking" % filename)
-    return (None)
-	
   logging.log (logging.DEBUG, "Parsing information for DSA %s from wml file %s" % (dsa, filename))
 	
   try:
     wmlFile = open(path)
 
+    dversion_pattern = re.compile(r'(%s)' % '|'.join(debianVersion.keys()), re.IGNORECASE)
+
     for line in wmlFile:
       line= line.decode ("ISO-8859-2")
       descrpatern = re.compile (r'description>(.*?)</define-tag>')
@@ -72,12 +67,11 @@ def parseFile (path, debianVersion):
         data["moreinfo"] += line
 #        continue
 
-      dversion_pattern = re.compile(r'distribution \((.*?)\)')
       result = dversion_pattern.search(line)
       if result:
-        deb_version = result.groups()[0]
+        deb_version = result.groups()[0].lower()
 
-      new_version_pattern = re.compile(r'version ([a-z]+).</p>')
+      new_version_pattern = re.compile(r'version (.+?)\.(</p>|\s)')
       result = new_version_pattern.search(line)
       if result and deb_version != "":
         pack_ver = result.groups()[0]
author	Sebastien Delafond <seb>	2016-07-19 09:55:14 +0000
committer	Sebastien Delafond <seb>	2016-07-19 09:55:14 +0000
commit	d5a2b752ea2bd498e0a2dde246506ea635a2087a (patch)
tree	fae11ac68299342f7e4f01d0dcfafc21bf4a0f83
parent	419a9c37c5c0827bb99f20fc3b3bfa6e54469796 (diff)