diff options
author | Carles Pina i Estany <carles@pina.cat> | 2021-02-15 09:14:47 +0000 |
---|---|---|
committer | Sebastien Delafond <seb@debian.org> | 2021-02-15 09:14:47 +0000 |
commit | 8846bec763397a5dd90bb8fbde674a5ba127b560 (patch) | |
tree | 25bc1c5cd6072eba029643c372811827cbcc4c2d /bin/tracker_service.py | |
parent | 42b4e9fea7b1dddc9df42a121255c55896182b5b (diff) |
Fix CVE10k problem for CVE with more than 4 numbers
It had no consequences in security-tracker: the
next-oldstable-point-update.txt file is empty and the
next-point-update.txt CVEs are not used yet for what I can see via this
code path.
Diffstat (limited to 'bin/tracker_service.py')
-rwxr-xr-x | bin/tracker_service.py | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/bin/tracker_service.py b/bin/tracker_service.py index 42394f0f1d..2686bc4c24 100755 --- a/bin/tracker_service.py +++ b/bin/tracker_service.py @@ -1314,8 +1314,9 @@ Debian bug number.'''), urgency = defaultdict(lambda: defaultdict(dict)) nodsa = defaultdict(lambda: defaultdict(dict)) nodsa_reason = defaultdict(lambda: defaultdict(dict)) + next_point_update = defaultdict(lambda: defaultdict(set)) supported_releases = config.get_supported_releases() - for (pkg, issue, desc, debianbug, release, subrelease, db_version, db_fixed_version, db_status, db_urgency, db_remote, db_nodsa, db_nodsa_reason) in self.db.cursor().execute( + for (pkg, issue, desc, debianbug, release, subrelease, db_version, db_fixed_version, db_status, db_urgency, db_remote, db_nodsa, db_nodsa_reason, db_next_point_update) in self.db.cursor().execute( """SELECT sp.name, st.bug_name, (SELECT cve_desc FROM nvd_data WHERE cve_name = st.bug_name), @@ -1335,7 +1336,9 @@ Debian bug number.'''), AND nd.bug_name = st.bug_name) AS nodsa, (SELECT reason FROM package_notes_nodsa AS nd WHERE nd.package = sp.name AND nd.release = sp.release - AND nd.bug_name = st.bug_name) AS nodsa_reason + AND nd.bug_name = st.bug_name) AS nodsa_reason, + (SELECT next_point_update.release as next_point_update_release FROM next_point_update + WHERE st.bug_name=next_point_update.cve_name) AS next_point_update_release FROM source_package_status AS st, source_packages AS sp, bugs WHERE sp.rowid = st.package AND st.bug_name = bugs.name AND ( st.bug_name LIKE 'CVE-%' OR st.bug_name LIKE 'TEMP-%' ) @@ -1365,6 +1368,8 @@ Debian bug number.'''), fixed_version[pkg][issue][repository] = db_fixed_version status[pkg][issue][repository] = db_status urgency[pkg][issue][repository] = db_urgency + if db_next_point_update: + next_point_update[pkg][issue].add(db_next_point_update) if str(db_nodsa) != 'None': nodsa[pkg][issue][repository] = db_nodsa if str(db_nodsa_reason) != 'None': @@ -1422,6 +1427,12 @@ Debian bug number.'''), suite_nodsa = nodsa[pkg][issue][repository] if repository in nodsa_reason[pkg][issue]: suite_nodsa_reason = nodsa_reason[pkg][issue][repository] + if pkg in next_point_update and \ + issue in next_point_update[pkg] and \ + release in next_point_update[pkg][issue]: + suite_next_point_update = True + else: + suite_next_point_update = None for repository in repositories[pkg][issue]: for suffix in ('','-security','-lts'): subrelease=release+suffix @@ -1432,7 +1443,9 @@ Debian bug number.'''), "fixed_version" : suite_fixed_version, "urgency": suite_urgency, "nodsa": suite_nodsa, - "nodsa_reason": suite_nodsa_reason} + "nodsa_reason": suite_nodsa_reason, + "next_point_update": suite_next_point_update + } clean_dict(suites[release]) pkg_issue = { "description": description, "debianbug": debianbug, |