[Secure-testing-commits] r24590 - bin lib/python lib/python/sectracker

Thu Dec 5 12:16:57 UTC 2013

Author: thijs
Date: 2013-12-05 12:16:57 +0000 (Thu, 05 Dec 2013)
New Revision: 24590

Modified:
   bin/check-new-issues
   bin/compare-testing-status
   bin/dsa2list
   bin/report-vuln
   lib/python/bugs.py
   lib/python/sectracker/parsers.py
Log:
prepare for new CVE format


Modified: bin/check-new-issues
===================================================================

--- bin/check-new-issues	2013-12-05 06:33:59 UTC (rev 24589)
+++ bin/check-new-issues	2013-12-05 12:16:57 UTC (rev 24590)
@@ -141,7 +141,7 @@
 
 foreach my $entry (@{$entries}) {
 	my $name;
-	if ( $entry =~ /^(CVE-....-\d\d\d\d)/ ) {
+	if ( $entry =~ /^(CVE-....-\d{4,})/ ) {
 		$name=$1;
 	}
 	elsif ( $entry =~ /^(CVE-....-XXXX.*)\n/ ){

Modified: bin/compare-testing-status
===================================================================
--- bin/compare-testing-status	2013-12-05 06:33:59 UTC (rev 24589)
+++ bin/compare-testing-status	2013-12-05 12:16:57 UTC (rev 24590)
@@ -181,7 +181,7 @@
 	my $result = $sth_desc->fetchall_arrayref();
 	$desc = $result->[0]->[0];
 
-	if ( $issue =~ /^CVE-\d{4}-\d{4}/ ) {
+	if ( $issue =~ /^CVE-\d{4}-\d{4,}/ ) {
 		$url = "http://cve.mitre.org/cgi-bin/cvename.cgi?name=" . $issue ;
 		return "$issue: $url\n";
 	}

Modified: bin/dsa2list
===================================================================
--- bin/dsa2list	2013-12-05 06:33:59 UTC (rev 24589)
+++ bin/dsa2list	2013-12-05 12:16:57 UTC (rev 24590)
@@ -61,7 +61,7 @@
 re_title = re.compile(r'^Subject: .*\[DSA[ -](\d+-\d+)\] .* fix(?:es)? (.*)$')
 re_date = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+)[a-z]*, (\d+)\s+http://.*')
 
-re_cve = re.compile('(CVE-\d{4}-\d{4})')
+re_cve = re.compile('(CVE-\d{4}-\d{4,})')
 release_headline_re = re.compile(
     r'^Debian GNU/Linux [0-9.]+ (?:\(|alias) ([a-z]+).*')
 release_headline_re_s = re.compile(r'^Debian \((\w+)\)')

Modified: bin/report-vuln
===================================================================
--- bin/report-vuln	2013-12-05 06:33:59 UTC (rev 24589)
+++ bin/report-vuln	2013-12-05 12:16:57 UTC (rev 24590)
@@ -181,7 +181,7 @@
 
 	# check for valid parameters
 	p = re.compile('^[a-z].*')
-	c = re.compile('(CVE|cve)\-[0-9]{4}-[0-9]{4}')
+	c = re.compile('(CVE|cve)\-[0-9]{4}-[0-9]{4,}')
 
 	if not p.match(pkg):
 		error(pkg + ' does not seem to be a valid source package name')

Modified: lib/python/bugs.py
===================================================================
--- lib/python/bugs.py	2013-12-05 06:33:59 UTC (rev 24589)
+++ lib/python/bugs.py	2013-12-05 12:16:57 UTC (rev 24590)
@@ -186,7 +186,7 @@
 class BugBase:
     "Base class for entries in the bug list."""
 
-    re_cve_name = re.compile(r'^CVE-\d{4}-\d{4}$')
+    re_cve_name = re.compile(r'^CVE-\d{4}-\d{4,}$')
 
     def __init__(self, fname, lineno, date, name, description, comments):
         assert type(fname) in types.StringTypes
@@ -416,11 +416,11 @@
     re_xref_required = re.compile(r'^\{')
     re_xref = re.compile(r'^\{\s*([^\}]+?)\s*\}$')
     re_whitespace = re.compile(r'\s+')
-    re_xref_entry = re.compile('^(?:CVE-\d{4}-\d{4}'
+    re_xref_entry = re.compile('^(?:CVE-\d{4}-\d{4,}'
                                + r'|VU#\d{6}'
                                + r'|DSA-\d+(?:-\d+)?|DTSA-\d+-\d+)$')
     re_xref_entry_own = re.compile(
-        '^(?:CVE-\d{4}-\d{4}|DSA-\d+(?:-\d+)?|DTSA-\d+-\d+)$')
+        '^(?:CVE-\d{4}-\d{4,}|DSA-\d+(?:-\d+)?|DTSA-\d+-\d+)$')
 
     re_package_required = re.compile(r'^(?:\[.*\]\s*)?-')
     re_package_version = re.compile(
@@ -735,7 +735,7 @@
 class CVEFile(FileBase):
     """A CVE file, as used by the Debian testing security team."""
     
-    re_cve = re.compile(r'^(CVE-\d{4}-(?:\d{4}|XXXX))\s+(.*?)\s*$')
+    re_cve = re.compile(r'^(CVE-\d{4}-(?:\d{4,}|XXXX))\s+(.*?)\s*$')
 
     def __init__(self, name, fileObj=None):
         FileBase.__init__(self, name, fileObj)

Modified: lib/python/sectracker/parsers.py
===================================================================
--- lib/python/sectracker/parsers.py	2013-12-05 06:33:59 UTC (rev 24589)
+++ lib/python/sectracker/parsers.py	2013-12-05 12:16:57 UTC (rev 24590)
@@ -241,7 +241,7 @@
 
 @_xpickle.loader("CVE" + FORMAT)
 def cvelist(path, f):
-    re_header = re.compile(r'^(CVE-\d{4}-(?:\d{4}|XXXX))\s+(.*?)\s*$')
+    re_header = re.compile(r'^(CVE-\d{4}-(?:\d{4,}|XXXX))\s+(.*?)\s*$')
     def parseheader(line):
         match = re_header.match(line)
         if match is None:


