[Secure-testing-commits] r1278 - data

Mon, 27 Jun 2005 20:07:11 +0000

Author: joeyh
Date: 2005-06-27 20:07:10 +0000 (Mon, 27 Jun 2005)
New Revision: 1278

Modified:
   data/checklist
Log:
Rework agrument processing, html is now --html.

Add a --suite patameter and some limited support for running against
other suites.


Modified: data/checklist
===================================================================

--- data/checklist	2005-06-27 19:45:25 UTC (rev 1277)
+++ data/checklist	2005-06-27 20:07:10 UTC (rev 1278)
@@ -4,20 +4,15 @@
 # To check for un-updated binary kernel packages, also needs grep-dctrl 
 # and a Sources file for the distribution. Set the location of the Sources
 # file in SOURCES_FILE in the environment.
-# 
 use URI::Escape;
+use Getopt::Long;
 
 my $html=0;
-if ($ARGV[0] eq 'html') {
-	shift;
-	$html=1;
+my $suite="testing";
+if (! GetOptions("html" => \$html, "suite=s" => \$suite) || ! @ARGV) {
+	die "usage: $0 [--suite suite] [--html] list ...\n";
 }
 
-if (! @ARGV) {
-	die "usage: $0 [html] list\n";
-}
-
-
 my %data;
 my %needkernel=qw/2.4.27 0 2.6.11 0/;
 my $list_unknown=1; #set to 1 to display kernel images with unknown source version
@@ -97,7 +92,7 @@
 
 			my @maddy;
 			for (1..5) {
-				@maddy=`madison -s testing '$package'`;
+				@maddy=`madison -s '$suite' '$package'`;
 				if ($? & 127 || ($? >> 8 != 0 && $? >> 8 != 1)) {
 					# good old unrelaible newraff,
 					# home of our archive..
@@ -128,7 +123,7 @@
 					$arches=~s/\s+$//;
 					my $cmp=system("dpkg --compare-versions '$havver' '>=' '$version'");
 					if ($cmp != 0) {
-						if ($html) {
+						if ($html && $suite eq 'testing') {
 							$havver='<a href="http://bjorn.haxx.se/debian/testing.pl?package='.uri_escape($package).'">'.$havver.'</a>';
 						}
 						record($package, "$version needed, have $havver".(@maddy > 1 ? " [$arches]" : ""), $id, $urgency);
@@ -146,7 +141,18 @@
 
 
 if ($html) {
-	print "<html><title>testing security issues</title>\n";
+	print "<html><title>$suite security issues</title>\n";
+	if ($suite ne 'testing' && $suite ne 'unstable') {
+		print <<"EOF";
+<p>
+<em>Warning:</em> This page is the result of running the testing security
+check script against the $suite distribution. As data is only gathered for
+the testing distribution, results may be innecurate if a package has
+changed its name, if a vulnerability affects $suite and not testing, or if a
+vulnerability has been fixed in $suite by the $suite security team.
+</p>
+EOF
+	}
 	print "<ul>\n";
 }
 
@@ -228,7 +234,7 @@
 	print "</ul>\n";
 	print "<hr>\n";
 	print "Total holes unfixed: $unfixed<br>\n";
-	print "Total holes fixed in unstable but not testing: $unprop_all";
+	print "Total holes fixed in unstable but not $suite: $unprop_all";
 	if ($unprop_all != $unprop) {
 		print " (+".($unprop - $unprop_all)." on some arches)";
 	}



