lookup.sh: also report TODOs and RESERVED issues

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15708 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 19 insertions, 6 deletions

diff --git a/check-external/lookup.sh b/check-external/lookup.sh
index 9bf495daab..7279ebb4b7 100755
--- a/check-external/lookup.sh
+++ b/check-external/lookup.sh
@@ -44,7 +44,8 @@ while [ $# -ge 1 ]; do
 	;;
 	--help|-h)
 	    echo "Usage: $(basename "$0") [--source|-s vendor] [--after|-a per-year-id] [regex]"
-	    echo ; echo "Look for NFUs in our tracker but recognised or fixed by a vendor"
+	    echo ; echo "Look for NFUs/TODOs/RESERVED in our tracker"
+	    echo "which are recognised or fixed by another vendor"
 	    echo "(requires you to run ./update.sh every now and then)"
 	    echo ; echo "Possible vendors:"
 	    echo -e "\tcve (for checking against Red Hat's tracker)"
@@ -86,9 +87,21 @@ for cve in $(< $source); do
     fi
 
     # Permanent exclusions can be added below
-    o=$(grep -m1 -A1 ^$cve ../data/CVE/list | grep NOT-FOR-US |
-	grep -vi redhat | grep -vi 'red hat' | grep -vi pre-dating |
-	grep -vi realplayer | grep -vi acroread | grep -vi acrobat |
-	grep -viw opera | grep -vi adobe |
-	grep -vi 'real player') && echo "$cve: $o" || :
+    o="$(grep -m1 -A1 ^$cve ../data/CVE/list | sed '1{d;q}' |
+	    grep -E 'TODO|NOT-FOR-US|RESERVED')" || continue
+    case $o in
+	*NOT-FOR-US*)
+	    tr "[:upper:]" "[:lower:]" <<< "${o#*NOT-FOR-US:}" |
+	    grep -v redhat | grep -v 'red hat' | grep -v pre-dating |
+	    grep -v realplayer | grep -v acroread |
+	    grep -v adobe | grep -v acrobat | grep -vw opera |
+	    grep -v 'real player' >/dev/null && echo "$cve: $o" || :
+	;;
+	*TODO:*|*RESERVED*)
+	    echo "$cve: $o"
+	;;
+	*)
+	    echo "Unrecognised match: $o" >&2
+	;;
+    esac
 done