diff options
author | Emilio Pozuelo Monfort <pochu@debian.org> | 2019-11-27 14:34:15 +0100 |
---|---|---|
committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2020-02-26 12:31:30 +0100 |
commit | 891dbf39b71fcbe0be2dd5c55268303c3f082cdf (patch) | |
tree | 4d815e1509f6539efb4eb22d654371f9806365cd /lib | |
parent | 06a39ee3fe8e03bf6a080dd659260507ef3a0318 (diff) |
security_db: don't hardcode releases in db queries
Diffstat (limited to 'lib')
-rw-r--r-- | lib/python/security_db.py | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/lib/python/security_db.py b/lib/python/security_db.py index b929320c6b..8ba681ab82 100644 --- a/lib/python/security_db.py +++ b/lib/python/security_db.py @@ -1780,13 +1780,16 @@ class DB: """A generator which returns tuples (RELEASE-LIST, VERSION), the available versions of the source package pkg.""" + releases = config.get_supported_releases() + values = [pkg] + releases + for (release, version) in cursor.execute( """SELECT release_name(release, subrelease, archive) AS release, version FROM source_packages WHERE name = ? - AND release IN ('jessie', 'stretch', 'buster', 'bullseye', 'sid') + AND release IN (""" + ",".join("?" * len(releases)) + """) GROUP BY release, version - ORDER BY release_to_number(release), subrelease_to_number(subrelease), version COLLATE version""", (pkg,)): + ORDER BY release_to_number(release), subrelease_to_number(subrelease), version COLLATE version""", values): yield release, version def getBinaryPackageVersions(self, cursor, pkg): @@ -1832,6 +1835,9 @@ class DB: RELEASE-LIST, VERSION, VULNERABLE-FLAG) of source packages which are related to the given bug.""" + releases = config.get_supported_releases() + values = [bug] + releases + for (package, releases, version, vulnerable) in cursor.execute( """SELECT package, string_list(release), version, vulnerable FROM (SELECT p.name AS package, @@ -1839,10 +1845,10 @@ class DB: p.version AS version, s.vulnerable AS vulnerable FROM source_package_status AS s, source_packages AS p WHERE s.bug_name = ? AND p.rowid = s.package - AND release in ('jessie', 'stretch', 'buster', 'bullseye', 'sid')) + AND release in (""" + ",".join("?" * len(releases)) + """)) GROUP BY package, version, vulnerable ORDER BY package, releasepart_to_number(release), subreleasepart_to_number(release), version COLLATE version""", - (bug,)): + values): yield package, releases.split(', '), version, vulnerable def getBugsFromDebianBug(self, cursor, number): |