diff options
author | Raphael Geissert <geissert@debian.org> | 2014-03-12 22:24:47 +0000 |
---|---|---|
committer | Raphael Geissert <geissert@debian.org> | 2014-03-12 22:24:47 +0000 |
commit | 093535589725af00bbaefaa30aeb431dd6359f6b (patch) | |
tree | b7fc71cc03c6cadc8243c7da1f13d71e4109980b /bin/gen-DSA | |
parent | cb33e72e8069839b07b9e3a540804a6e3db7e417 (diff) |
Drop the "vulnerability" field
A regression can still be signaled by passing it as the argument after
the package name. E.g. bin/gen-DSA foo regression
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@26088 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'bin/gen-DSA')
-rwxr-xr-x | bin/gen-DSA | 88 |
1 files changed, 11 insertions, 77 deletions
diff --git a/bin/gen-DSA b/bin/gen-DSA index 148ee18faa..08de47b60b 100755 --- a/bin/gen-DSA +++ b/bin/gen-DSA @@ -34,8 +34,8 @@ export LANG=C exit 1 } -[ $# -ge 2 ] || { - echo "usage: $0 [--save] [--embargoed|--unembargo] [DSA] package 'vulnerability desc' [cve(s) [bugnumber(s)]]" +[ $# -ge 1 ] || { + echo "usage: $0 [--save] [--embargoed|--unembargo] [DSA] package [regression] [cve(s) [bugnumber(s)]]" echo " 'DSA' is the DSA number, required when issuing a revision" echo " 'cve(s)' and 'bugnumber(s)' can be passed in any order but" echo " always AFTER the description" @@ -117,56 +117,6 @@ error() { printf "${RED}error:${NORMAL} %s\n" "$1" } -check_spelling() { - if which aspell >/dev/null && echo test | aspell -l en list 2>/dev/null; then - aspell -l en list - elif which enchant >/dev/null && echo test | enchant -l -d en 2>/dev/null; then - enchant -l -d en - fi -} - -cleanup_vulnerability() { - lastw= - add_space=false - - for word in $@; do - if [ -n "$lastw" ]; then - add_space=true - fi - - case $word in - D[Oo]S) - word="denial of service" - ;; - CSRF) - word="cross-site request forgery" - ;; - XSS) - word="cross-site scripting" - ;; - site) - if [ "$lastw" = cross ]; then - add_space=false - word="-site" - fi - ;; - [Nn]ull) - word=NULL - ;; - out-of-bound|bound) - word="${word}s" - ;; - esac - - if $add_space; then - printf ' ' - fi - - lastw="$word" - printf '%s' "$word" - done -} - setvar() { local var="$1" value="$2" @@ -196,8 +146,13 @@ if printf '%s' "$1" | grep -Eq '^(DSA-|)[0-9]+(-[0-9]+|)$'; then fi PACKAGE="$(tolower "$1")" -VULNERABILITY="$(cleanup_vulnerability "$2")" -shift 2 +shift + +TYPE=security +if [ regression = "$1" ]; then + TYPE=regression + shift +fi CVE= BUGNUM= @@ -312,30 +267,10 @@ if $unembargo; then exit fi -if echo "$VULNERABILITY" | grep -iq vulnerab; then - warn "redundant vulnerability adjective/noun in vuln. summary" >&2 -fi - -if [ "$VULNERABILITY" = remote ] || [ "$VULNERABILITY" = local ]; then - error "'$VULNERABILITY' is not a vulnerability summary" >&2 - exit 1 -fi - -echo "$VULNERABILITY" | check_spelling | -while read word; do - # Frequent exceptions: - case $word in - SQL) - continue - ;; - esac - warn "possible spelling mistake: $word!" >&2 -done - tmpf=$(mktemp) cat doc/DSA.template > $tmpf -if [ "$VULNERABILITY" = regression ]; then +if [ "$TYPE" = regression ]; then sed -ri '/^Subject:/s/security update$/regression update/' $tmpf fi @@ -355,7 +290,6 @@ setvar PACKAGE setvar CVE "$CVE_LIST" setvar DSAID setvar BUGNUM -setvar VULNERABILITY setvar OLDSTABLE setvar STABLE setvar TESTING @@ -387,7 +321,7 @@ else mv -i $tmpf "DSA-$DSAID" || { rm -f $tmpf; exit; } dsa_entry=$(mktemp) cat <<EOF > $dsa_entry -[$(date +"%d %b %Y")] DSA-$DSAID $PACKAGE - $VULNERABILITY +[$(date +"%d %b %Y")] DSA-$DSAID $PACKAGE - $TYPE update EOF if [ "$CVE" ]; then |