[Secure-testing-commits] r58 - sarge-checks
Joey Hess
joeyh@haydn.debian.org
Mon, 01 Nov 2004 17:39:34 -0700
Author: joeyh
Date: 2004-11-01 17:39:27 -0700 (Mon, 01 Nov 2004)
New Revision: 58
Added:
sarge-checks/README
sarge-checks/checklist
Removed:
sarge-checks/checklist.pl
sarge-checks/people
Log:
ad a readme, remove .pl, remove people list now that there is a real
mailing list
Added: sarge-checks/README
===================================================================
--- sarge-checks/README 2004-11-02 00:00:34 UTC (rev 57)
+++ sarge-checks/README 2004-11-02 00:39:27 UTC (rev 58)
@@ -0,0 +1,30 @@
+The checklist program can be run on a system with madison available to
+check vulnerability info from the list files against what packages are in
+testing. So the various list files need a common, machine parsable format.
+That format is:
+
+[date] id description
+ {id id id}
+ UPCASE: test
+ - package version
+
+Without writing a format grammar, because this is really rather ad-hoc and
+probably will be replaced with something better:
+
+[date]
+ The date of the advisory in the form dd Mmm YYYY (01 Nov 2004).
+ Optional, only given for DSAs at the moment.
+id
+ DSA-nnn-n, CAN-YYY-nnnn, CVE-YYY-nnnn, etc
+description
+ Pretty much freeform description of the problem. Short and optional.
+ Generally only used for DSAs right now.
+{id id id}
+ This is used to link to other ids that describe the same hole.
+ Generally used to link DSAs to CAN's and CVEs
+UPCASE
+ Any word in upper case, typically NOTE, HELP, TODO.
+ May be repeated for each entry.
+- package version
+ Indicates that the problem is fixed in the given version of the
+ package. May repeat for other packages.
Copied: sarge-checks/checklist (from rev 56, sarge-checks/checklist.pl)
===================================================================
--- sarge-checks/checklist.pl 2004-11-01 22:35:44 UTC (rev 56)
+++ sarge-checks/checklist 2004-11-02 00:39:27 UTC (rev 58)
@@ -0,0 +1,42 @@
+#!/usr/bin/perl
+# Must run on a machine with madison.
+
+if (! @ARGV) {
+ die "usage: $0 list\n";
+}
+
+foreach my $list (@ARGV) {
+ if (-d $list) {
+ $list="$list/list";
+ }
+
+ open (IN, $list) || die "open $list: $!";
+ while (<IN>) {
+ chomp;
+ if (/^\[/) {
+ ($id)=m/((?:DSA|CAN|CVE)-.*?) /;
+ }
+ elsif (/^(DSA|CAN|CVE)-/) {
+ $id=$_;
+ }
+ elsif (/^\s+[!-]\s+(.*?)\s+(.*)$/) {
+ my $package=$1;
+ my $version=$2;
+ if ($version=~/unfixed/) {
+ print "$package $version for $id\n";
+ next;
+ }
+ my $maddy=`madison -s testing '$package'`;
+ if (length $maddy) {
+ my @fields = split(/\s*\|\s*/, $maddy);
+ my $cmp=system("dpkg --compare-versions '$fields[1]' '>=' '$version'");
+ if ($cmp != 0) {
+ print "$package $version needed, have $fields[1] for $id\n";
+ }
+ }
+ }
+ elsif (/HELP/) {
+ print $_." ($id)\n";
+ }
+ }
+}
Deleted: sarge-checks/checklist.pl
===================================================================
--- sarge-checks/checklist.pl 2004-11-02 00:00:34 UTC (rev 57)
+++ sarge-checks/checklist.pl 2004-11-02 00:39:27 UTC (rev 58)
@@ -1,42 +0,0 @@
-#!/usr/bin/perl
-# Must run on a machine with madison.
-
-if (! @ARGV) {
- die "usage: $0 list\n";
-}
-
-foreach my $list (@ARGV) {
- if (-d $list) {
- $list="$list/list";
- }
-
- open (IN, $list) || die "open $list: $!";
- while (<IN>) {
- chomp;
- if (/^\[/) {
- ($id)=m/(DSA-.*?) /;
- }
- elsif (/^(CAN|CVE)-/) {
- $id=$_;
- }
- elsif (/^\s+[!-]\s+(.*?)\s+(.*)$/) {
- my $package=$1;
- my $version=$2;
- if ($version=~/unfixed/) {
- print "$package $version for $id\n";
- next;
- }
- my $maddy=`madison -s testing '$package'`;
- if (length $maddy) {
- my @fields = split(/\s*\|\s*/, $maddy);
- my $cmp=system("dpkg --compare-versions '$fields[1]' '>=' '$version'");
- if ($cmp != 0) {
- print "$package $version needed, have $fields[1] for $id\n";
- }
- }
- }
- elsif (/HELP/) {
- print $_." ($id)\n";
- }
- }
-}
Deleted: sarge-checks/people
===================================================================
--- sarge-checks/people 2004-11-02 00:00:34 UTC (rev 57)
+++ sarge-checks/people 2004-11-02 00:39:27 UTC (rev 58)
@@ -1,20 +0,0 @@
-Joey Hess <joeyh@debian.org>
-Matt Zimmerman <mdz@debian.org>
-Bdale Garbee <bdale@debian.org>
-Chris Halls <halls@debian.org>
-Martin Schulze <joey@debian.org>
-Andreas Mueller <amu@tr.debian.net>
-Petter Reinholdtsen <pere@hungry.com>
-Martin Michlmayr <tbm@cyrius.com>
-Andreas Barth <aba@not.so.argh.org>
-Ernesto Hernandez-Novich <emhn@telcel.net.ve>
-Finn-Arne Johansen <faj@bzz.no>
-Djoumé SALVETTI <salvetti@crans.org>
-Steinar H. Gunderson <sesse@debian.org>
-Andres Salomon <dilinger@voxel.net>
-Baruch Even <baruch@ev-en.org>
-Thomas Wana <thomas@wana.at>
-martin f. krafft <madduck@debian.org>
-Paul Dwerryhouse <paul@dwerryhouse.com.au>
-Wartan Hachaturow <wart@debian.org>
-Stefan Fritsch <sfritsch@ph.tum.de>