Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge branch 'bam/security-tracker-fix_cmp' | Salvatore Bonaccorso | 2020-01-02 | 1 | -1/+2 |
|\ | | | | | | | See merge request security-tracker-team/security-tracker!40 | ||||
| * | Fix list sort | Brian May | 2019-06-17 | 1 | -1/+2 |
| | | |||||
* | | Fix inconsistent leading ident before if statement | Brian May | 2019-12-26 | 1 | -2/+2 |
| | | |||||
* | | Reimplement (incompletely) simplistic NVD parser to handle JSON feed | Salvatore Bonaccorso | 2019-10-20 | 1 | -68/+59 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The reimplementation is focused on only the functionality actually strictly required by the security-tracker. This includes fetching the CVE id and corresponding description. All of specific imapct metrics (severity, range, loss attributes) are not implemented. Those will require a database schema version bump and reimplementation as well for the security_db. Closes: #942670 Signed-off-by: Salvatore Bonaccorso <carnil@debian.org> | ||||
* | | nvd.py: Add missing note that CVE description is returned | Salvatore Bonaccorso | 2019-10-20 | 1 | -0/+1 |
| | | |||||
* | | Drop mips from bullseye architectures | Salvatore Bonaccorso | 2019-08-21 | 1 | -1/+1 |
| | | |||||
* | | Another place where mips needs to be dropped | Raphaël Hertzog | 2019-08-21 | 1 | -1/+1 |
| | | |||||
* | | Don't track mips in sid, it's gone | Raphaël Hertzog | 2019-08-21 | 1 | -1/+1 |
| | | | | | | | | | | As announced in https://lists.debian.org/debian-mips/2019/07/msg00010.html it's now gone from the mirrors. | ||||
* | | Disable fetching of backports | Salvatore Bonaccorso | 2019-07-07 | 1 | -1/+4 |
| | | | | | | | | | | | | | | | | | | | | | | They ship Packages/Sources.gz only and backports is anyway not very good supported in tracker. Until #664866 is fixed backports will anyway not be tracked properly in security-tracker. Temporarily disable until downloadFile can handle multiple situations more gracefully. | ||||
* | | Adjust dist directory on security archives for distribution | Salvatore Bonaccorso | 2019-07-06 | 1 | -0/+8 |
| | | | | | | | | | | | | | | | | | | | | Starting with bullseye the distribution/suite are switched to *-security instead of */updates for consistency through the Debian archives. See: https://lists.debian.org/debian-security/2019/06/msg00015.html for details and the intention to switch. Thanks: Ansgar Burchardt | ||||
* | | lib/debian-releases.mk: Fetch backports suites for $(OLDSTABLE) | Salvatore Bonaccorso | 2019-07-06 | 1 | -1/+1 |
| | | |||||
* | | security_db: Update mappings after buster stable release | Salvatore Bonaccorso | 2019-07-06 | 1 | -16/+16 |
| | | |||||
* | | dist_config: Add support for bullseye release and initial list of supported ↵ | Salvatore Bonaccorso | 2019-07-06 | 1 | -0/+5 |
| | | | | | | | | | | | | | | architectures Add list of currently suported architectures inherited from buster supported architectures. | ||||
* | | debian_support: Add bullseye to supported releases | Salvatore Bonaccorso | 2019-07-06 | 1 | -1/+1 |
|/ | |||||
* | Remove hurd-i386, kfreebsd-{i386,amd64} from architectures in sid | Salvatore Bonaccorso | 2019-05-01 | 1 | -1/+1 |
| | | | | | | As announced in https://lists.debian.org/debian-devel/2019/04/msg00207.html hurd-i386 and kfreebsd-{i386,amd64} are going to be moved to debian-ports instead. | ||||
* | security_db: Make source code comment independent of codename for distribution | Salvatore Bonaccorso | 2019-04-28 | 1 | -2/+2 |
| | |||||
* | lib/debian-releases.mk: Correctly remove $(OLDSTABLE) for backports | Salvatore Bonaccorso | 2019-03-26 | 1 | -1/+1 |
| | |||||
* | Fetch packages files for backports suites only for $(STABLE) | Salvatore Bonaccorso | 2019-03-26 | 1 | -2/+2 |
| | | | | | | Current oldstable does not contains anymore the backports suites as it is the LTS release. As such jessie-backports was removed from the mirrors. | ||||
* | Replace file() with open() for Python 3 compatability | Brian May | 2019-03-04 | 6 | -12/+12 |
| | |||||
* | Replace `abc` with repr(abc) | Brian May | 2019-02-18 | 2 | -7/+7 |
| | |||||
* | lib/python/bugs.py: Use explicit list comprehension; the "lambda (x,)" ↵ | Chris Lamb | 2019-02-11 | 1 | -2/+2 |
| | | | | syntax is not actually valid in Python 3. | ||||
* | lib/python/debian_support.py: Use repr(..) over backticks; they are removed ↵ | Chris Lamb | 2019-02-11 | 1 | -3/+3 |
| | | | | in Python 3.x | ||||
* | CVEExtendFile: treat TEMP-* entries as unique | Emilio Pozuelo Monfort | 2018-12-04 | 1 | -0/+9 |
| | | | | | | Otherwise, they will get rehashed into a different temp name, preventing one to add notes to TEMP entries in an extend file. | ||||
* | Merge branch 'bam/security-tracker-use_pythons_namedtuple' | Salvatore Bonaccorso | 2018-11-11 | 4 | -96/+3 |
|\ | |||||
| * | Use the namedtuple class supplied with Python | Brian May | 2018-08-20 | 4 | -96/+3 |
| | | |||||
* | | Replace "x.has_key(y)" with "y in x" syntax | Brian May | 2018-08-20 | 7 | -16/+16 |
|/ | |||||
* | Fix print statements for Python 3.6 compatibility | Brian May | 2018-08-06 | 8 | -72/+77 |
| | |||||
* | Replace <> with != for Python 3.6 compatibility | Brian May | 2018-07-15 | 6 | -26/+26 |
| | |||||
* | Update python exception syntax for Python 3.6 compatibility | Brian May | 2018-07-13 | 7 | -45/+45 |
| | |||||
* | Drop powerpc from sid architectures | Raphaël Hertzog | 2018-07-08 | 1 | -1/+1 |
| | | | | It's gone from the main mirror. It now resides on ports.debian.org. | ||||
* | Merge branch 'jcristau/security-tracker-head' | Salvatore Bonaccorso | 2018-07-07 | 1 | -2/+5 |
|\ | |||||
| * | lib: add support for the HEAD HTTP method | Julien Cristau | 2018-07-06 | 1 | -2/+5 |
| | | | | | | | | Fixes security-tracker-team/security-tracker#3 | ||||
* | | Also set Content-Length for HTMLResult | Julien Cristau | 2018-07-06 | 1 | -0/+1 |
|/ | |||||
* | Set Content-Length for BinaryResult | Julien Cristau | 2018-07-06 | 1 | -0/+1 |
| | |||||
* | lib: add "headers" attribute on Result objects | Julien Cristau | 2018-07-06 | 1 | -31/+26 |
| | | | | Make it possible to set arbitrary headers when returning a Result. | ||||
* | Reduce list of supported architectures for jessie under LTS support | Salvatore Bonaccorso | 2018-06-16 | 1 | -1/+1 |
| | |||||
* | sources: add name and path info | Emilio Pozuelo Monfort | 2018-06-15 | 1 | -6/+9 |
| | | | | This avoids having to guess the name from the path. | ||||
* | Rename CVECUSTOMERFile to CVEExtendFile | Emilio Pozuelo Monfort | 2018-06-08 | 1 | -1/+5 |
| | |||||
* | Simplify Extends support | Emilio Pozuelo Monfort | 2018-06-08 | 1 | -44/+20 |
| | | | | | | BugExtend.writeDB() is pretty similar to BugBase's, so update the latter to take extends into account when necessary to avoid unneeded duplicated code. | ||||
* | Add support for CUSTOMER bugs and CVE extends | Bastian Blank | 2018-06-08 | 1 | -1/+36 |
| | |||||
* | Dynamically create announce queries | Emilio Pozuelo Monfort | 2018-06-08 | 1 | -2/+20 |
| | | | | Based on the DSA-like files present in the config file. | ||||
* | Move source list to a config file | Emilio Pozuelo Monfort | 2018-06-08 | 1 | -10/+11 |
| | |||||
* | Merge DLAFile into DSAFile | Emilio Pozuelo Monfort | 2018-06-08 | 2 | -10/+10 |
| | | | | | The only difference is that the regular expressions look for DSA or DLA, but we can just guess that based on the path. | ||||
* | Simplify DLAFile | Emilio Pozuelo Monfort | 2018-06-08 | 1 | -36/+1 |
| | | | | Subclass DSAFile rather than copying it. | ||||
* | Generalize the code to fetch Packages/Sources updates | Raphaël Hertzog | 2018-05-31 | 1 | -0/+39 |
| | | | | | | | | | | It's now easy to extend by adding a supplementary lib/foobar-releases.mk file. I verified that the set of downloaded files are identical with the exception of a bug that got fixed in the process: the update-backports-% rule used to download files for all sections (main, contrib, non-free) but saved them all under the name corresponding to the main section. | ||||
* | Revert changes unrelated to the partclone no-dsa marking | Salvatore Bonaccorso | 2018-05-05 | 2 | -45/+3 |
| | |||||
* | partclone no-dsa on wheezy | Emilio Pozuelo Monfort | 2018-05-05 | 2 | -3/+45 |
| | |||||
* | Convert URLs from http to https where it seems safe to do so | Paul Wise | 2018-01-17 | 1 | -1/+1 |
| | |||||
* | Let the CVE parser know about postponed & ignored sub-states | Sebastien Delafond | 2017-08-13 | 1 | -1/+1 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54714 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | Make sure comment is initialized | Sebastien Delafond | 2017-08-11 | 1 | -0/+1 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54618 e39458fd-73e7-0310-bf30-c45bca0a0e42 |