authorFlorian Weimer <fw@deneb.enyo.de>2015-01-18 11:00:10 +0000
committerFlorian Weimer <fw@deneb.enyo.de>2015-01-18 11:00:10 +0000
commit2e03526b57a1e16dccef250074913186a596fffc (patch)
treed5dbecbd579fba408b3c7f4d593827c8a321ab38 /lib
parentd4266a5b65182c251ccca14d16bd8907ebad8e30 (diff)
security_db.Db.getUnreportedVulnerabilities(): New method
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@31490 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'lib')
-rw-r--r--lib/python/security_db.py29
1 files changed, 29 insertions, 0 deletions
diff --git a/lib/python/security_db.py b/lib/python/security_db.py
index 6149e1197b..c2de1137d3 100644
--- a/lib/python/security_db.py
+++ b/lib/python/security_db.py
@@ -1845,6 +1845,35 @@ class DB:
st.bug_name > 'TEMP-' AND st.bug_name LIKE 'TEMP-%'
ORDER BY st.bug_name""",(vulnerability,)))
+ def getUnreportedVulnerabilities(self, cursor=None):
+ """Returns a list of pairs (BUG_NAME, DESCRIPTION)
+ of vulnerabilities which are unfixed in unstable and lack a filed bug.
+ """
+ if cursor is None:
+ cursor = self.cursor()
+ last_bug = None
+ result = []
+ for bug, pkg in cursor.execute(
+"""SELECT DISTINCT source_package_status.bug_name, source_packages.name
+ FROM source_packages
+ JOIN source_package_status
+ ON source_packages.rowid = source_package_status.package
+ JOIN package_notes
+ ON source_packages.name = package_notes.package
+ AND package_notes.bug_name = source_package_status.bug_name
+ AND source_packages.release = 'sid'
+ AND package_notes.release = ''
+ WHERE source_package_status.bug_name LIKE 'CVE-%'
+ AND package_notes.urgency <> 'unimportant'
+ AND package_notes.rowid NOT IN (SELECT note FROM debian_bugs)
+ AND source_package_status.vulnerable
+ ORDER BY source_package_status.bug_name, source_packages.name"""):
+ if last_bug is None or last_bug <> bug:
+ last_bug = bug
+ result.append((bug, []))
+ result[-1][1].append(pkg)
+ return result
+
def getITPs(self, cursor):
"""Returns a generator for a list of unknown packages.
Each entry has the form (PACKAGE, BUG-LIST, DEBIAN-BUG-LIST)."""
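Review bot: The docstring of `getUnreportedVulnerabilities` promises pairs `(BUG_NAME, DESCRIPTION)`, but the loop appends `(bug, [])` and then fills that list with `pkg`, so callers receive `(BUG_NAME, [SOURCE_PACKAGE, ...])`; I would reword it to `"""Returns a list of pairs (BUG_NAME, PACKAGE-LIST) of CVE-named vulnerabilities which are unfixed in unstable and lack a filed bug."""`. The query also restricts the result to `bug_name LIKE 'CVE-%'` and skips notes whose urgency is `unimportant`, which is worth stating in the docstring so a reader does not take the list as covering every open issue. If `debian_bugs.note` can be NULL (the schema is not visible here), `NOT IN (SELECT note FROM debian_bugs)` would match no rows and the method would return an empty list without any error; a `NOT EXISTS` subquery on `debian_bugs.note = package_notes.rowid` does not have that failure mode. As a point of style, `last_bug <> bug` reads better as `last_bug != bug`, which is also the only spelling Python 3 accepts.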
