[Secure-testing-commits] r14664 - lib/python/sectracker

[Florian Weimer]

Author: fw
Date: 2010-05-10 19:06:41 +0000 (Mon, 10 May 2010)
New Revision: 14664

Modified:
   lib/python/sectracker/analyzers.py
Log:
sectracker.analyzers.vulnerabilities(): fix logic bug

fixed_other was not computed correctly.


Modified: lib/python/sectracker/analyzers.py
===================================================================
--- lib/python/sectracker/analyzers.py	2010-05-09 21:43:25 UTC (rev 14663)
+++ lib/python/sectracker/analyzers.py	2010-05-10 19:06:41 UTC (rev 14664)
@@ -209,18 +209,15 @@
                     # unstable fix.
                     continue
                 if rel in preleases:
-                    relver = convertversion(preleases[rel][1])
-                    if relver is None:
+                    refver = convertversion(preleases[rel][1])
+                    if refver is None:
                         continue
-                    if relver is True:
-                        # FIXME? should not happen because the
-                        # vulnerable must have been present in
-                        # unstable at some point
+                    if refver is True:
+                        # Annotations like <not-affected>.
                         other_versions.add(ver)
                         continue
-                    if vercmp(ver, relver) >= 0:
-                        continue
-                    other_versions.add(ver)
+                    if vercmp(ver, refver) >= 0:
+                        other_versions.add(ver)
             result.append(Vulnerability(bug.header.name, pname,
                                         unstable_fixed, other_versions))
     return result