[Secure-testing-commits] r24532 - bin

Raphael Geissert geissert at moszumanska.debian.org
Mon Dec 2 23:31:33 UTC 2013 

Author: geissert
Date: 2013-12-02 23:31:33 +0000 (Mon, 02 Dec 2013)
New Revision: 24532

Modified:
   bin/gen-DSA
Log:
Allow the DSA text and entries to be generated for embargoed issues

Usage: bin/gen-DSA [--save] --embargo package description cve

Then when about to release you svn *up* and:

bin/gen-DSA --unembargo package

An id will then be assigned and the dates corrected if needed



Modified: bin/gen-DSA
===================================================================
--- bin/gen-DSA	2013-12-02 22:57:19 UTC (rev 24531)
+++ bin/gen-DSA	2013-12-02 23:31:33 UTC (rev 24532)
@@ -35,7 +35,7 @@
 }
 
 [ $# -ge 2 ] || {
-    echo "usage: $0 [--save] [DSA] package 'vulnerability desc' [cve(s) [bugnumber(s)]]"
+    echo "usage: $0 [--save] [--embargoed|--unembargo] [DSA] package 'vulnerability desc' [cve(s) [bugnumber(s)]]"
     echo "       'DSA' is the DSA number, required when issuing a revision"
     echo "       'cve(s)' and 'bugnumber(s)' can be passed in any order but"
     echo "         always AFTER the description"
@@ -49,6 +49,19 @@
     shift
 fi
 
+embargoed=false
+if [ "$1" = "--embargoed" ]; then
+    embargoed=true
+    shift
+fi
+
+unembargo=false
+if [ "$1" = "--unembargo" ]; then
+    unembargo=true
+    shift
+    set -- "$1" "${2:-bar}"
+fi
+
 toupper() {
     printf '%s' "$1" | tr '[:lower:]' '[:upper:]'
 }
@@ -253,6 +266,10 @@
     grep -wq "DSA-$1" data/DSA/list
 }
 
+if $embargoed; then
+    DSAID=EMBRGD-"$PACKAGE"
+fi
+
 if [ -z "$DSAID" ]; then
     latest_dsa="$(sed -nr '/DSA-[0-9]+-1/{s/^.+DSA-([0-9]+).*$/\1/;p;q}' data/DSA/list)"
     dsa=$(($latest_dsa+1))
@@ -274,6 +291,27 @@
     exit 1
 fi
 
+if $unembargo; then
+    EMBRGD_ID="EMBRGD-$PACKAGE"
+    mv "DSA-${EMBRGD_ID}" DSA-"$DSAID"
+
+    # get the date of when the embargoed entry was generated
+    gen_date="$(sed -rn "/DSA-${EMBRGD_ID}/{s/^\[(.+)\].+$/\1/;p;t}" data/DSA/list)"
+
+    OLD_DATE="$(date -d "$gen_date" +"%B %d, %Y")"
+    OLD_SPACEDDATE="$(right_space "$OLD_DATE" "$DATE_SPACING")"
+
+    NEW_DATE="$(date +"%B %d, %Y")"
+    NEW_SPACEDDATE="$(right_space "$NEW_DATE" "$DATE_SPACING")"
+
+    sed -ri "/DSA-${EMBRGD_ID}/{s/\[.+\]/[$(date +"%d %b %Y")]/;s/DSA-${EMBRGD_ID}/DSA-$DSAID/;}" data/DSA/list
+    sed -i "s/${EMBRGD_ID}/$DSAID/g" DSA-"$DSAID"
+    sed -i "s/^$OLD_SPACEDDATE/$NEW_SPACEDDATE/" DSA-"$DSAID"
+
+    echo "'Unembargoing' as DSA-$DSAID"
+    exit
+fi
+
 if echo "$VULNERABILITY" | grep -iq vulnerab; then
     warn "redundant vulnerability adjective/noun in vuln. summary" >&2
 fi

More information about the Secure-testing-commits mailing list