diff options
| author | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-01 13:52:53 +0200 |
|---|---|---|
| committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-08 10:04:06 +0200 |
| commit | 77190d32d7f00156830d7fbefe2df1e483b194e9 (patch) | |
| tree | 8848fda32d401c8fa9c0210e714e4f38cc27b32f /lib | |
| parent | 0cb94dee777219c6edf3b3c2579c17fe46afc13f (diff) | |
Dynamically create announce queries
Based on the DSA-like files present in the config file.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/python/security_db.py | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/lib/python/security_db.py b/lib/python/security_db.py index 9c7d4afd8b..9bcbb3eaec 100644 --- a/lib/python/security_db.py +++ b/lib/python/security_db.py @@ -862,6 +862,22 @@ class DB: return sources + def genDBAdvisoryString(self, field, dtsa=False): + sources = self.getSources() + advs = [] + + for path, cls in sources.iteritems(): + name = path.split('/')[1] + + if cls == 'DSAFile': + advs.append(name) + + if cls == 'DTSAFile' and dtsa: + advs.append(name) + + advs = ["{} LIKE '{}-%'".format(field, adv) for adv in advs] + return " OR ".join(advs) + def readBugs(self, cursor, path): if self.verbose: print "readBugs:" @@ -968,9 +984,10 @@ class DB: # Copy notes from DSA/DTSA/DLA to CVE. old_source = '' + source_like = self.genDBAdvisoryString("source", dtsa=True) for source, target in list(cursor.execute( """SELECT source, target FROM bugs_xref - WHERE (source LIKE 'DTSA-%' OR source LIKE 'DSA-%' OR source LIKE 'DLA-%') + WHERE (""" + source_like + """) AND target LIKE 'CVE-%'""")): if source <> old_source: source_bug = bugs.BugFromDB(cursor, source) @@ -1849,11 +1866,12 @@ class DB: return flag def getDSAsForSourcePackage(self, cursor, package): + bugs_like = self.genDBAdvisoryString("bugs.name", dtsa=False) for row in cursor.execute( """SELECT bugs.name, bugs.description FROM bugs, package_notes as p WHERE p.bug_name = bugs.name - AND ( bugs.name LIKE 'DSA-%' OR bugs.name LIKE 'DLA-%') + AND ( """ + bugs_like + """ ) AND p.package = ? ORDER BY bugs.release_date DESC""", (package,)): yield DSAsForSourcePackage(*row) |