#!/usr/bin/env python
#
# generate bug report content for a given package name
# and a number of CVE ids
#
# you could use it for example in combination with the
# following shell function:
# report-vuln(){
# TMPFILE="$HOME/reportbug.tmp"
# $HOME/debian/svn/secure-testing/bin/report-vuln "$@" > $TMPFILE
# mutt -i $TMPFILE submit@bugs.debian.org
# rm $TMPFILE
# }
# export http_proxy if you need to use an http proxy to report bugs
import sys, re, httplib, os
def gen_index(ids):
    """Return the numbered reference list printed at the end of the report.

    Each CVE id gets its position in *ids* as the reference number,
    followed by its cve.mitre.org URL and, on the next line, its Debian
    security tracker URL.  An empty *ids* yields an empty string.
    """
    # The ids are pasted into the URLs unchanged; the caller is expected
    # to have validated them.
    return ''.join(
        '\n[' + str(number) + '] http://cve.mitre.org/cgi-bin/cvename.cgi?name=' + cve_id + '\n'
        + ' http://security-tracker.debian.net/tracker/' + cve_id
        for number, cve_id in enumerate(ids)
    )
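def do_httpconnect(id):
    """Request the cve.mitre.org page for one CVE id and return the response.

    The request goes to cve.mitre.org directly, or through the proxy named
    by the ``http_proxy`` environment variable when that is set and not
    empty.  If the request raises, ``error()`` is called, which exits.

    NOTE(review): the lookup uses plain HTTP, so the page is not
    authenticated; whatever the server, the proxy or the network path
    returns ends up in the generated report.  Read the description before
    sending it.  The response status is not checked here either.
    """
    path = '/cgi-bin/cvename.cgi?name=' + id
    host = 'cve.mitre.org'

    proxy = os.getenv('http_proxy')
    if proxy:
        # str.lstrip() takes a set of characters, not a prefix, so
        # lstrip('http://') would also eat the leading letters of a host
        # name such as "proxy.example".  Remove the scheme explicitly.
        if proxy.startswith('http://'):
            proxy = proxy[len('http://'):]
        # A trailing "/" is not part of host[:port] and would make the
        # connection fail.
        proxy = proxy.rstrip('/')

    # An unset or empty http_proxy both mean "connect directly".
    if proxy:
        host = proxy
        # A proxy expects the absolute URL in the request line.
        path = 'http://cve.mitre.org' + path

    try:
        conn = httplib.HTTPConnection(host)
        conn.request('GET', path)
        resp = conn.getresponse()
    except Exception as e:
        error('on doing HTTP request' + str(e))
    return resp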
# this is a hack that parses the cve id description from mitre
def get_cve(id):
    """Return the description of CVE *id*, scraped from the mitre page.

    The page is scanned line by line: everything up to the table header
    row containing "Description" is skipped, then the text of the
    following ``<td colspan="2">`` cell is collected until its closing
    ``</td>``.  Every collected line is prefixed with ``| `` and the result
    ends with a newline.

    NOTE(review): the cell text is copied as received; markup or HTML
    entities inside it are neither stripped nor decoded, so treat the
    result as untrusted remote content and read it before sending.
    """
    header_row = re.compile(r'.*<th\ colspan=.*>Description<.*')
    row_tag = re.compile('.*</?tr>.*')
    cell_open = '<td colspan="2">'

    page = do_httpconnect(id).read()
    in_description = False
    collected = ''

    for line in page.split('\n'):
        if not in_description:
            # Nothing is collected before the "Description" header row.
            in_description = header_row.match(line) is not None
            continue
        if header_row.match(line) or row_tag.match(line):
            # Repeated header rows and <tr>/</tr> lines carry no text.
            continue
        if cell_open in line:
            collected += '| ' + re.sub('.*<td colspan="2">', '', line)
        elif '</td>' in line:
            # End of the description cell.
            break
        elif line != '':
            collected += '\n| ' + line

    return collected + '\n'
def gen_text(pkg, cveid):
    """Print the complete bug report for *pkg* and the CVE ids in *cveid*.

    Output order: the pseudo-header and greeting, one numbered description
    per CVE id (fetched with ``get_cve``), the closing request and the
    reference list from ``gen_index``.  The Version and Severity fields are
    emitted as FILLIN... placeholders for the reporter to replace.

    *pkg* and the ids are interpolated into the text unescaped; main()
    checks them before calling.
    """
    several = len(cveid) > 1
    cve_suff = 's' if several else ''
    vuln_suff = 'ies' if several else 'y'
    time_w = 'were' if several else 'was'

    header = '''Package: %s
Version: FILLINAFFECTEDVERSION
Severity: FILLINSEVERITY
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id%s %s
published for %s.
''' % (pkg, cve_suff, time_w, pkg)

    footer = '''If you fix the vulnerabilit%s please also make sure to include the
CVE id%s in your changelog entry.
For further information see:''' % (vuln_suff, cve_suff)

    # Printed piece by piece so that everything produced before a failed
    # lookup is already on stdout, as before.
    print(header)
    for number, cve_id in enumerate(cveid):
        print(cve_id + '[' + str(number) + ']:')
        print(get_cve(cve_id))
    print(footer)
    print(gen_index(cveid))
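def error(msg):
    """Report a fatal error on stderr and exit with status 1.

    stdout carries the generated report (the usage example in the file
    header redirects it into the mail draft), so the diagnostic is written
    to stderr to keep it out of the report.
    """
    sys.stderr.write('error: ' + msg + '\n')
    sys.exit(1)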
def usage():
    """Print the command-line synopsis and exit with status 0."""
    synopsis = sys.argv[0] + ' ' + '<pkg> <cve id(s)>'
    print(synopsis)
    sys.exit(0)
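def main():
    """Validate the command line and print the bug report to stdout.

    Expects a source package name followed by one or more CVE ids; prints
    the usage text when fewer arguments are given.  An argument that fails
    validation ends the run through ``error()``.
    """
    if len(sys.argv) < 3:
        usage()

    pkg = sys.argv[1]
    cve = sys.argv[2:]

    # check for valid parameters
    #
    # re.match() anchors only the start, so both patterns end in \Z: the
    # whole argument has to be well formed, not just its first characters.
    # The package name goes into the report's "Package:" line and each id
    # into the lookup URL and the report text, so nothing else (spaces,
    # line breaks, extra URL syntax) may get through.
    #
    # Package names: lower-case letters, digits, '+', '-' and '.', at
    # least two characters; the leading lower-case letter is the rule this
    # script already applied.
    p = re.compile(r'[a-z][a-z0-9+.-]+\Z')
    # CVE ids: a four-digit year and a sequence number of four or more
    # digits.
    c = re.compile(r'(CVE|cve)-[0-9]{4}-[0-9]{4,}\Z')

    if not p.match(pkg):
        error(pkg + ' does not seem to be a valid source package name')

    for arg in cve:
        if not c.match(arg):
            error(arg + ' does not seem to be a valid CVE id')

    gen_text(pkg, cve)


if __name__ == '__main__':
    main()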