security_db: don't hardcode releases in db queries

author: Emilio Pozuelo Monfort <pochu@debian.org> 2019-11-27 14:34:15 +0100
committer: Emilio Pozuelo Monfort <pochu@debian.org> 2020-02-26 12:31:30 +0100
commit: 891dbf39b71fcbe0be2dd5c55268303c3f082cdf (patch)
tree: 4d815e1509f6539efb4eb22d654371f9806365cd /lib
parent: 06a39ee3fe8e03bf6a080dd659260507ef3a0318 (diff)
1 files changed, 10 insertions, 4 deletions
diff --git a/lib/python/security_db.py b/lib/python/security_db.py
index b929320c6b..8ba681ab82 100644
--- a/lib/python/security_db.py
+++ b/lib/python/security_db.py
@@ -1780,13 +1780,16 @@ class DB:
         """A generator which returns tuples (RELEASE-LIST, VERSION),
         the available versions of the source package pkg."""
 
+        releases = config.get_supported_releases()
+        values = [pkg] + releases
+
         for (release, version) in cursor.execute(
             """SELECT release_name(release, subrelease, archive)
             AS release, version FROM source_packages
             WHERE name = ?
-            AND release IN ('jessie', 'stretch', 'buster', 'bullseye', 'sid')
+            AND release IN (""" + ",".join("?" * len(releases)) + """)
             GROUP BY release, version
-            ORDER BY release_to_number(release), subrelease_to_number(subrelease), version COLLATE version""", (pkg,)):
+            ORDER BY release_to_number(release), subrelease_to_number(subrelease), version COLLATE version""", values):
             yield release, version
 
     def getBinaryPackageVersions(self, cursor, pkg):
@@ -1832,6 +1835,9 @@ class DB:
         RELEASE-LIST, VERSION, VULNERABLE-FLAG) of source packages
         which are related to the given bug."""
 
+        releases = config.get_supported_releases()
+        values = [bug] + releases
+
         for (package, releases, version, vulnerable) in cursor.execute(
             """SELECT package, string_list(release), version, vulnerable
             FROM (SELECT p.name AS package,
@@ -1839,10 +1845,10 @@ class DB:
             p.version AS version, s.vulnerable AS vulnerable
             FROM source_package_status AS s, source_packages AS p
             WHERE s.bug_name = ? AND p.rowid = s.package
-            AND release in ('jessie', 'stretch', 'buster', 'bullseye', 'sid'))
+            AND release in (""" + ",".join("?" * len(releases)) + """))
             GROUP BY package, version, vulnerable
             ORDER BY package, releasepart_to_number(release), subreleasepart_to_number(release), version COLLATE version""",
-            (bug,)):
+            values):
             yield package, releases.split(', '), version, vulnerable
 
     def getBugsFromDebianBug(self, cursor, number):
author	Emilio Pozuelo Monfort <pochu@debian.org>	2019-11-27 14:34:15 +0100
committer	Emilio Pozuelo Monfort <pochu@debian.org>	2020-02-26 12:31:30 +0100
commit	891dbf39b71fcbe0be2dd5c55268303c3f082cdf (patch)
tree	4d815e1509f6539efb4eb22d654371f9806365cd /lib
parent	06a39ee3fe8e03bf6a080dd659260507ef3a0318 (diff)