| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| | |
Distro config reunification
See merge request security-tracker-team/security-tracker!48
|
| | |
|
|/
|
|
| |
we will likely not be modifying dla-needed.txt.
|
|
|
|
|
|
| |
This reverts commit c878209005bc1bb46345eb3f5cb6357135841131.
This affects gen-* and carnil expressed it was unnecessary.
I'll try to find another way to remember to add a short package description in security announcements.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the regular expression was tightened to fix a bug and not remove
e.g. spice ans spice-gtk from a *-needed.list removal of specific
entries of packages/stable or packages/oldstable got broken (wich is
used by the Debian security team to mark entries which only need an
update in one of the supported suites).
Retain the desired fixed behaviour but try to allow to properly remove
package/{old,}stable entries again.
Fixes: b3070631dfbb ("bin/gen-DSA: Fix package removal from the needed_file. Don't remove packages starting with the same string as the to be removed package.")
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
starting with the same string as the to be removed package.
Before this patch (spice was to be removed, spice-gtk got removed, too).
```
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 106dbb0477..a8e6526c01 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -99,12 +99,6 @@ qemu (Santiago)
--
samba (Holger Levsen)
--
-spice (Mike Gabriel)
- NOTE: 20180819: Patch is possibly incomplete. See http://www.openwall.com/lists/oss-security/2018/08/17/2 (Brian May)
---
-spice-gtk (Mike Gabriel)
- NOTE: 20180819: Patch is possibly incomplete. See http://www.openwall.com/lists/oss-security/2018/08/17/2 (Brian May)
---
suricata (Thorsten Alteholz)
--
symfony (Thorsten Alteholz)
```
With this patch (only spice gets removed, spice-gtk stays):
```
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 106dbb0477..c7a975a471 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -99,9 +99,6 @@ qemu (Santiago)
--
samba (Holger Levsen)
--
-spice (Mike Gabriel)
- NOTE: 20180819: Patch is possibly incomplete. See http://www.openwall.com/lists/oss-security/2018/08/17/2 (Brian May)
---
spice-gtk (Mike Gabriel)
NOTE: 20180819: Patch is possibly incomplete. See http://www.openwall.com/lists/oss-security/2018/08/17/2 (Brian May)
--
```
|
|
|
|
|
|
| |
packages starting with the same string as the to be removed package."
This reverts commit 774eb447f4302c83e57978af5a429b9cbe306ab3. Because the commit message was incomplete.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
starting with the same string as the to be removed package.
Before this patch (spice was to be removed, spice-gtk got removed, too).
```
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 106dbb0477..a8e6526c01 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -99,12 +99,6 @@ qemu (Santiago)
--
samba (Holger Levsen)
--
-spice (Mike Gabriel)
- NOTE: 20180819: Patch is possibly incomplete. See http://www.openwall.com/lists/oss-security/2018/08/17/2 (Brian May)
---
-spice-gtk (Mike Gabriel)
- NOTE: 20180819: Patch is possibly incomplete. See http://www.openwall.com/lists/oss-security/2018/08/17/2 (Brian May)
---
suricata (Thorsten Alteholz)
--
symfony (Thorsten Alteholz)
```
With this patch (only spice gets removed, spice-gtk stays):
```
|
|
|
|
| |
to lack of co-ordination in the -needed.txt files.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Mention as well that a push is needed, not only a commit.
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@59018 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@52721 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@52641 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
Package name, version, bug(s) and cve(s) are filled from .changes
file.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@49361 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
Global replacement doesn't work very well when matching .+ each time.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@47703 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
Use sort -V, which seems to do the right thing.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@47702 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46693 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@40100 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@35336 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@34573 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@34572 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
| |
Prepare template text after jessie is new stable
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@33823 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28618 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
| |
dsa-needed.txt
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28602 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28458 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
From Portland, with love
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28457 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
|
|
|
|
| |
E.g.
$ bin/gen-DSA acpi-support regression
[...]
Subject: [DSA 2984-2] acpi-support regression update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28199 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
mails won't go through otherwise
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28022 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28016 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@27895 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@27122 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
|
| |
A regression can still be signaled by passing it as the argument after
the package name. E.g. bin/gen-DSA foo regression
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@26088 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25606 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Usage: bin/gen-DSA [--save] --embargo package description cve
Then when about to release you svn *up* and:
bin/gen-DSA --unembargo package
An id will then be assigned and the dates corrected if needed
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24532 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24531 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@23740 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@23620 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@22168 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@21569 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
|
| |
Additionally, "support" multiple bug numbers by correctly formatting
and generating a list of them.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@21568 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
| |
No need of passing them as a list in a single argument.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@21567 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
|
|
|
|
|
|
| |
The generated CVE listing is more or less already followed by almost
everybody except fw, who's style is slightly different (no empty line
after the id and tabs instead of blanks.)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@21342 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@20430 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@20429 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@20168 e39458fd-73e7-0310-bf30-c45bca0a0e42
|