[Secure-testing-commits] r2491 - bin
Florian Weimer
fw at costa.debian.org
Thu Oct 20 09:04:17 UTC 2005
Author: fw
Date: 2005-10-20 09:04:11 +0000 (Thu, 20 Oct 2005)
New Revision: 2491
Modified:
bin/tracker_service.py
Log:
r773 at deneb: fw | 2005-10-20 10:42:35 +0200
bin/tracker_service.py (BugFilter):
New class.
(TrackerService):
Use it where applicable.
Modified: bin/tracker_service.py
===================================================================
--- bin/tracker_service.py 2005-10-20 09:04:01 UTC (rev 2490)
+++ bin/tracker_service.py 2005-10-20 09:04:11 UTC (rev 2491)
@@ -14,6 +14,37 @@
import security_db
from web_support import *
+class BugFilter:
+ def __init__(self, params):
+ self.hide_medium_urgency = int(params.get('hide_medium_urgency',
+ (0,))[0])
+ self.hide_non_remote = int(params.get('hide_non_remote',
+ (0,))[0])
+
+ def actions(self, url):
+ """Returns a HTML snippet which can be used to change the filter."""
+ if self.hide_medium_urgency:
+ urg = A(url.updateParams(hide_medium_urgency=None),
+ 'Show lower urgencies')
+ else:
+ urg = A(url.updateParams(hide_medium_urgency='1'),
+ 'Hide lower urgencies')
+ if self.hide_non_remote:
+ rem = A(url.updateParams(hide_non_remote=None),
+ 'Show local vulnerabilities')
+ else:
+ rem = A(url.updateParams(hide_non_remote='1'),
+ 'Hide local vulnerabilities')
+ return P(urg, ' ', rem)
+
+ def urgencyFiltered(self, urg):
+ """Returns True if the urgency urg is filtered."""
+ return self.hide_medium_urgency and urg not in ("high", "unknown", "")
+
+ def remoteFiltered(self, remote):
+ """Returns True if the attack range is filtered."""
+ return remote is not None and self.hide_non_remote and not remote
+
class TrackerService(WebService):
head_contents = compose(STYLE(
"""h1 { font-size : 144%; }
@@ -459,12 +490,19 @@
this package, but still reference it.""")])
def page_status_release_stable(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''
for (pkg_name, bug_name, archive, urgency, remote) in \
self.db.cursor().execute(
"""SELECT package, bug, section, urgency, remote
FROM stable_status"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''
else:
@@ -488,10 +526,13 @@
return self.create_page(
url, 'Vulnerable source packages in the stable suite',
- [make_table(gen(), caption=("Package", "Bug", "Urgency",
+ [bf.actions(url),
+ make_table(gen(), caption=("Package", "Bug", "Urgency",
"Remote"))])
def page_status_release_testing(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''
for (pkg_name, bug_name, archive, urgency,
@@ -499,6 +540,11 @@
"""SELECT package, bug, section, urgency, unstable_vulnerable,
testing_security_fixed, remote
FROM testing_status"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''
else:
@@ -531,21 +577,31 @@
url, 'Vulnerable source packages in the testing suite',
[make_menu(url.scriptRelative,
("status/dtsa-candidates", "Candidates for DTSAs")),
+ bf.actions(url),
make_table(gen(), caption=("Package", "Bug", "Urgency",
"Remote"))])
def page_status_release_unstable(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''
- for (pkg_name, bug_name, section, urgency) \
+ for (pkg_name, bug_name, section, urgency, remote) \
in self.db.cursor().execute(
"""SELECT DISTINCT sp.name, st.bug_name,
- sp.archive, st.urgency
+ sp.archive, st.urgency,
+ (SELECT range_remote FROM nvd_data
+ WHERE cve_name = st.bug_name)
FROM source_package_status AS st, source_packages AS sp
WHERE st.vulnerable AND st.urgency <> 'unimportant'
AND sp.rowid = st.package AND sp.release = 'sid'
AND sp.subrelease = ''
ORDER BY sp.name, st.bug_name"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''
else:
@@ -555,12 +611,19 @@
else:
pkg_name = self.make_xref(url, pkg_name)
+ if remote is None:
+ remote = ''
+ elif remote:
+ remote = 'yes'
+ else:
+ remote = 'no'
+
if urgency == 'unknown':
urgency = ''
elif urgency == 'high':
urgency = self.make_red(urgency)
- yield pkg_name, self.make_xref(url, bug_name), urgency
+ yield pkg_name, self.make_xref(url, bug_name), urgency, remote
return self.create_page(
@@ -570,12 +633,17 @@
fixed source version has been uploaded to the archive, even
if there are still some vulnerably binary packages present
in the archive."""),
- make_table(gen(), caption=('Package', 'Bug', 'Urgency'))])
+ bf.actions(url),
+ make_table(gen(), caption=('Package', 'Bug', 'Urgency',
+ 'Remote'))])
def page_status_dtsa_candidates(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''
- for (pkg_name, bug_name, archive, urgency, stable_later) \
+ for (pkg_name, bug_name, archive, urgency, stable_later,
+ remote) \
in self.db.cursor().execute(
"""SELECT package, bug, section, urgency,
(SELECT testing.version_id < stable.version_id
@@ -587,10 +655,17 @@
AND stable.name = testing_status.package
AND stable.release = 'sarge'
AND stable.subrelease = 'security'
- AND stable.archive = testing_status.section)
+ AND stable.archive = testing_status.section),
+ (SELECT range_remote FROM nvd_data
+ WHERE cve_name = bug)
FROM testing_status
WHERE (NOT unstable_vulnerable)
AND (NOT testing_security_fixed)"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''
migration = ''
@@ -603,6 +678,13 @@
else:
pkg_name = self.make_source_package_ref(url, pkg_name)
+ if remote is None:
+ remote = ''
+ elif remote:
+ remote = 'yes'
+ else:
+ remote = 'no'
+
if urgency == 'unknown':
urgency = ''
elif urgency == 'high':
@@ -614,7 +696,7 @@
notes = ''
yield (pkg_name, migration, self.make_xref(url, bug_name),
- urgency, notes)
+ urgency, remote, notes)
return self.create_page(
url, "Candidates for DTSAs",
@@ -625,8 +707,10 @@
make_menu(url.scriptRelative,
("status/release/testing",
"List of vulnerable packages in testing")),
+ bf.actions(url),
make_table(gen(),
- caption=("Package", "Migration", "Bug", "Urgency"))])
+ caption=("Package", "Migration", "Bug", "Urgency",
+ "Remote"))])
def page_status_todo(self, path, params, url):
def gen():
More information about the Secure-testing-commits
mailing list