From cb1591068d83afd47c32583d4fec1b8c1e48c746 Mon Sep 17 00:00:00 2001
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Wed, 16 Jun 2021 18:21:05 +0200
Subject: security_db: fix releasepart_to_number on non-main

For releases with a component (e.g. buster/non-free),
releasepart_to_number was not spliting the component. This
was causing bad sorting on CVE pages for packages in contrib
or non-free.
---
 lib/python/security_db.py | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'lib')

diff --git a/lib/python/security_db.py b/lib/python/security_db.py
index caf8ae67bc..c4f163cb7a 100644
--- a/lib/python/security_db.py
+++ b/lib/python/security_db.py
@@ -592,7 +592,10 @@ class DB:
         def releasepart_to_number(r):
             # expects a string in the form "codename (security)"
             try:
+                # split the (optional) subrelease
                 u=r.split()[0]
+                # split the (optional) component
+                u=u.split('/')[0]
                 return release_to_number(u)
             except ValueError:
                 return -1
-- 
cgit v1.2.3