[Secure-testing-commits] r3147 - lib/python

Sat Dec 24 09:37:24 UTC 2005

Author: fw
Date: 2005-12-24 09:37:23 +0000 (Sat, 24 Dec 2005)
New Revision: 3147

Modified:
   lib/python/security_db.py
Log:
lib/python/security_db.py (DB.calculateDebsecan1):
  Only include CVE-* and FAKE-* vulnerabilities in version 1 data.
  (The other data is redundant anyway, and no unstable vulnerability
  status information is available.)


Modified: lib/python/security_db.py
===================================================================

--- lib/python/security_db.py	2005-12-24 09:14:21 UTC (rev 3146)
+++ lib/python/security_db.py	2005-12-24 09:37:23 UTC (rev 3147)
@@ -1363,9 +1363,10 @@
                 (SELECT range_remote FROM nvd_data
                  WHERE cve_name = p.bug_name)
                 FROM package_notes AS p, bugs AS b
-                WHERE p.urgency <> 'unimportant'
+                WHERE (p.bug_name LIKE 'CVE-%' OR p.bug_name LIKE 'FAKE-%')
+                AND p.bug_name NOT LIKE 'FAKE-0000000-%'
+                AND p.urgency <> 'unimportant'
                 AND COALESCE(p.fixed_version, '') <> '0'
-                AND name NOT LIKE 'FAKE-0000000-%'
                 AND p.package_kind IN ('source', 'binary', 'unknown')
                 AND b.name = p.bug_name
                 ORDER BY p.bug_name"""):
@@ -1401,7 +1402,8 @@
             for (bug, package) in list(c.execute(
                 """SELECT DISTINCT bug_name, package
                 FROM package_notes
-                WHERE bug_name NOT LIKE 'FAKE-0000000-%'
+                WHERE (bug_name LIKE 'CVE-%' OR bug_name LIKE 'FAKE-%')
+                AND bug_name NOT LIKE 'FAKE-0000000-%'
                 AND package_kind IN ('source', 'binary', 'unknown')
                 GROUP BY package, bug_name
                 ORDER BY package, bug_name""")):


