[Secure-testing-commits] r25619 - bin lib/python
Luciano Bello
luciano at moszumanska.debian.org
Sat Feb 8 21:55:17 UTC 2014
Author: luciano
Date: 2014-02-08 21:55:17 +0000 (Sat, 08 Feb 2014)
New Revision: 25619
Modified:
bin/tracker_service.py
lib/python/security_db.py
Log:
split fake-names if they care or not
unifying spaces and tabs
Modified: bin/tracker_service.py
===================================================================
--- bin/tracker_service.py 2014-02-08 17:53:24 UTC (rev 25618)
+++ bin/tracker_service.py 2014-02-08 21:55:17 UTC (rev 25619)
@@ -92,7 +92,7 @@
h3 { font-size : 100%; }
table { padding-left : 1.5em }
-td, th { text-align : left;
+td, th { text-align : left;
padding-left : 0.25em;
padding-right : 0.25em; }
td { vertical-align: baseline }
@@ -116,7 +116,7 @@
}
}
''')).toHTML()
-
+
nvd_text = P('''If a "**" is included, the urgency field was automatically
assigned by the NVD (National Vulnerability Database). Note that this
rating is automatically derived from a set of known factors about the
@@ -135,9 +135,9 @@
self.register('status/release/oldstable',
self.page_status_release_oldstable)
self.register('status/release/stable', self.page_status_release_stable)
- self.register('status/release/stable-backports',
+ self.register('status/release/stable-backports',
self.page_status_release_stable_backports)
- self.register('status/release/oldstable-backports',
+ self.register('status/release/oldstable-backports',
self.page_status_release_oldstable_backports)
self.register('status/release/testing',
self.page_status_release_testing)
@@ -167,7 +167,7 @@
return self.page_not_found(url, query)
else:
return RedirectResult(url.scriptRelativeFull(query))
-
+
return self.create_page(
url, 'Security Bug Tracker',
[P(
@@ -303,7 +303,7 @@
def gen_header():
yield B("Name"), bug.name
-
+
nvd = self.db.getNVD(cursor, bug.name)
if nvd and nvd.cve_desc:
@@ -358,7 +358,7 @@
nvd_severity = "%s (attack range: %s)" \
% (nvd_severity, nvd_range)
yield B("NVD severity"), nvd_severity
-
+
debian_bugs = bug.getDebianBugs(cursor)
if debian_bugs:
yield (B("Debian Bugs"),
@@ -536,7 +536,7 @@
def page_source_package(self, path, params, url):
pkg = path[0]
-
+
def gen_versions():
for (releases, version) in self.db.getSourcePackageVersions(
self.db.cursor(), pkg):
@@ -544,7 +544,7 @@
def gen_bug_list(lst):
for (bug, description) in lst:
yield self.make_xref(url, bug), description
-
+
return self.create_page(
url, 'Information on source package ' + pkg,
[make_menu(lambda x: x,
@@ -556,7 +556,7 @@
pkg + ' in the testing migration checker')),
H2('Available versions'),
make_table(gen_versions(), caption=('Release', 'Version')),
-
+
H2('Open issues'),
make_table(gen_bug_list(self.db.getBugsForSourcePackage
(self.db.cursor(), pkg, True, False)),
@@ -574,7 +574,7 @@
(self.db.cursor(), pkg, False, True)),
caption=('Bug', 'Description'),
replacement='No known resolved issues.'),
-
+
H2('Security announcements'),
make_table(gen_bug_list(self.db.getDSAsForSourcePackage
(self.db.cursor(), pkg)),
@@ -584,9 +584,9 @@
def page_status_release_stable_oldstable(self, release, params, url):
assert release in ('stable', 'oldstable')
-
+
bf = BugFilterNoDSA(params)
-
+
def gen():
old_pkg_name = ''
for (pkg_name, bug_name, archive, urgency, vulnerable, remote, no_dsa) in \
@@ -637,7 +637,7 @@
def page_status_release_oldstable(self, path, params, url):
return self.page_status_release_stable_oldstable('oldstable',
params, url)
-
+
def page_status_release_testing(self, path, params, url):
bf = BugFilterNoDSA(params)
@@ -849,7 +849,7 @@
else:
flags = A(url.updateParamsDict({'hide_check' : '1'}),
'Hide "check" TODOs')
-
+
def gen():
for (bug, description, note) in self.db.getTODOs(hide_check=hide_check):
yield self.make_xref(url, bug), description, note
@@ -1103,7 +1103,7 @@
in this case.)"""),
make_table(gen(),
caption=("Package",
- "Release",
+ "Release",
"Archive",
"Source Version",
"Binary Version")),
@@ -1116,8 +1116,8 @@
explained.""")])
def page_data_fake_names(self, path, params, url):
- def gen():
- for (bug, description) in self.db.getFakeBugs():
+ def gen(v):
+ for (bug, description) in self.db.getFakeBugs(vulnerability=v):
yield self.make_xref(url, bug), description
return self.create_page(
url, "Automatically generated issue names",
@@ -1132,8 +1132,9 @@
In the second kind of names, there is a Debian bug for the issue, and the "''',
CODE("000000"), '''"part of the name is replaced with the
Debian bug number.'''),
- make_table(gen(),
- caption=("Bug", "Description"))])
+ H2("With unfixed issues"), make_table(gen(1), caption=("Bug", "Description")),
+ H2("The rest"), make_table(gen(0), caption=("Bug", "Description")),
+ ])
def page_data_pts(self, path, params, url):
data = []
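Review bot: The two tables built by `gen(1)` and `gen(0)` are not complementary, so "The rest" can list an issue that also appears under "With unfixed issues". getFakeBugs (changed later in this commit) matches individual source_package_status rows, and that table has a package column next to bug_name, so presumably an issue with one vulnerable and one non-vulnerable package satisfies both calls. Someone using this page to find temporary names that still need attention could read the second table as fully resolved. Either say so in the page text or add a comment above the two calls, such as `# gen(1): any vulnerable status row; gen(0): any non-vulnerable row -- an issue can appear in both`. The `gen` helper itself is defined in the preceding hunk.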
@@ -1218,7 +1219,7 @@
return url.absolute("http://people.canonical.com/~ubuntu-security/cve/%s" % name)
def url_gentoo_bug(self, url, name):
return url.absolute("http://bugs.gentoo.org/show_bug.cgi", id=name)
-
+
def url_dsa(self, url, dsa, re_dsa=re.compile(r'^DSA-(\d+)(?:-\d+)?$')):
match = re_dsa.match(dsa)
if match:
@@ -1264,12 +1265,12 @@
if name is None:
name = cve
return A(self.url_cve(url, cve), name)
-
+
def make_nvd_ref(self, url, cve, name=None):
if name is None:
name = cve
return A(self.url_nvd(url, cve), name)
-
+
def make_osssec_bug_ref(self, url, cve, name=None):
if name is None:
name = cve
@@ -1324,7 +1325,7 @@
def make_purple(self, contents):
return SPAN(contents, _class="purple")
-
+
def make_dangerous(self, contents):
return SPAN(contents, _class="dangerous")
Modified: lib/python/security_db.py
===================================================================
--- lib/python/security_db.py 2014-02-08 17:53:24 UTC (rev 25618)
+++ lib/python/security_db.py 2014-02-08 21:55:17 UTC (rev 25619)
@@ -1,16 +1,16 @@
# security_db.py -- simple, CVE-driven Debian security bugs database
# Copyright (C) 2005 Florian Weimer <fw at deneb.enyo.de>
-#
+#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
-#
+#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-#
+#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
@@ -47,12 +47,12 @@
The 'errors' member collects all error messages.
"""
-
+
def __init__(self, errors):
assert len(errors) > 0, errors
assert type(errors) == types.ListType, errors
self.errors = errors
-
+
def __str__(self):
return self.errors[0] + ' [more...]'
@@ -176,7 +176,7 @@
def rollback(self, cursor):
"""Undos the changes in the transaction."""
cursor.execute("ROLLBACK")
-
+
def initSchema(self):
"""Creates the database schema."""
cursor = self.cursor()
@@ -276,7 +276,7 @@
'partially-fixed', 'todo')),
reason TEXT NOT NULL,
PRIMARY KEY (bug_name, release))""")
-
+
cursor.execute("""CREATE TABLE source_package_status
(bug_name TEXT NOT NULL,
package INTEGER NOT NULL,
@@ -318,7 +318,7 @@
def _initSchema20(self):
cursor = self.db.cursor()
-
+
cursor.execute("PRAGMA user_version = 1")
self._initNoDSA(cursor)
self._initViews(cursor)
@@ -508,7 +508,7 @@
result = cStringIO.StringIO()
cPickle.dump(data, result)
return buffer(result.getvalue())
-
+
for (old_print, contents) in cursor.execute(
"SELECT inodeprint, parsed FROM inodeprints WHERE file = ?",
(filename,)):
@@ -536,7 +536,7 @@
if self.verbose:
print " finished"
-
+
def _readSourcePackages(self, cursor, directory):
"""Reads from directory with source package files."""
@@ -572,14 +572,14 @@
(name, release, subrelease, archive, version)
VALUES (?, ?, ?, ?, ?)""",
gen())
-
+
def _readBinaryPackages(self, cursor, directory):
"""Reads from a directory with binary package files."""
re_packages \
= re.compile(
r'.*/([a-z-]+)_([a-z-]*)_([a-z-]+)_([a-z0-9-]+)_Packages$')
-
+
if self.verbose:
print " reading binary packages"
@@ -647,7 +647,7 @@
if len(l) == 0:
raise ValueError, "no binary packages found"
-
+
l.sort()
def gen():
for key in l:
@@ -676,7 +676,7 @@
return
else:
cleared[0] = True
-
+
cursor.execute("DELETE FROM debian_bugs")
cursor.execute("DELETE FROM bugs")
cursor.execute("DELETE FROM package_notes")
@@ -687,14 +687,14 @@
# The *_status tables are regenerated anyway, no need to
# delete them here.
-
+
self._clearVersions(cursor)
def do_parse(source, cleared=[False]):
errors = []
clear_db()
-
+
if self.verbose:
print " reading " + `source.name`
@@ -769,7 +769,7 @@
if bug[0:3] == "VU#":
continue
errors.append("reference to unknown bug " + bug)
-
+
if self.verbose:
print " copy notes"
@@ -786,7 +786,7 @@
for n in source_bug.notes:
# We do not copy recursively.
assert not n.bug_origin
-
+
if n.release:
rel = str(n.release)
else:
@@ -803,7 +803,7 @@
# version cannot win.
present = True
continue
-
+
if (n.fixed_version is None
or n.fixed_version > debian_support.Version(version)):
# If our version is larger, it is the definitive one.
@@ -919,7 +919,7 @@
if self.verbose:
print " finished"
-
+
def calculateVulnerabilities(self, cursor):
"""Calculate vulnerable packages.
@@ -1043,7 +1043,7 @@
cursor.execute(
"""REPLACE INTO package_notes
SELECT p.id, p.bug_name, p.package, p.fixed_version,
- p.fixed_version_id, p.release, p.package_kind,
+ p.fixed_version_id, p.release, p.package_kind,
CASE WHEN n.severity == 'Medium' THEN 'medium'
ELSE CASE WHEN n.severity == 'High' THEN 'high'
ELSE CASE WHEN n.severity == 'Low' THEN 'low'
@@ -1072,7 +1072,7 @@
def _calcUnstable(self, cursor, bug_name):
"""Update bug_status with bug_name for unstable."""
-
+
vulnerable_packages = []
undetermined_packages = []
unimportant_packages = []
@@ -1378,7 +1378,7 @@
# (sid) cannot be non-vulnerable, while the
# release-specific branches are.
unstable_fixed = ''
-
+
total_urgency = ''
other_versions = {}
is_binary = False
@@ -1484,7 +1484,7 @@
value = base64.encodestring(zlib.compress(value, 9))
c.execute("""INSERT OR REPLACE INTO debsecan_data
VALUES (?, ?)""", (name, value))
-
+
def gen_release(release):
result = result_start[:]
@@ -1518,16 +1518,16 @@
for (prefix, release, suffix) in vuln_list:
result.append(prefix + ' ' + suffix)
result.append('')
- result.append('')
result.append('')
+ result.append('')
store_value ('release/1/GENERIC', '\n'.join(result))
-
+
def calculateDebsecan(self):
"""Calculate all debsecan data."""
for release in ('', 'squeeze', 'wheezy', 'jessie'):
self.calculateDebsecan0(release)
self.calculateDebsecan1()
-
+
def getDebsecan(self, name):
"""Returns the debsecan data item NAME."""
for (data,) in self.cursor().execute(
@@ -1561,7 +1561,7 @@
"""SELECT string_list(release) AS releases, version
FROM (SELECT release, version FROM source_packages
WHERE name = ?
- AND release IN ('squeeze', 'wheezy', 'jessie', 'sid')
+ AND release IN ('squeeze', 'wheezy', 'jessie', 'sid')
ORDER BY release_to_number(release))
GROUP BY version""", (pkg,)):
yield releases.split(', '), version
@@ -1603,12 +1603,12 @@
ORDER BY version COLLATE version""", (pkg,)):
yield (packages.split(', '), releases.split(', '),
archs.split(','), version)
-
+
def getSourcePackages(self, cursor, bug):
"""A generator which returns tuples (SOURCE-PACKAGE,
RELEASE-LIST, VERSION, VULNERABLE-FLAG) of source packages
which are related to the given bug."""
-
+
for (package, releases, version, vulnerable) in cursor.execute(
"""SELECT package, string_list(release), version, vulnerable
FROM (SELECT p.name AS package,
@@ -1622,7 +1622,7 @@
ORDER BY package, version COLLATE version""",
(bug,)):
yield package, releases.split(', '), version, vulnerable
-
+
def getBugsFromDebianBug(self, cursor, number):
"""A generator which returns a list of tuples
(BUG-NAME, URGENCY, DESCRIPTION)."""
@@ -1641,7 +1641,7 @@
"SELECT EXISTS (SELECT * FROM source_packages WHERE name = ?)",
(pkg,))
return flag
-
+
def isBinaryPackage(self, cursor, pkg):
"""Returns a true value if pkg is a binary package."""
((flag,),) = cursor.execute(
@@ -1766,16 +1766,21 @@
if old_package:
yield (old_package, bugs)
- def getFakeBugs(self, cursor=None):
+ def getFakeBugs(self, cursor=None, vulnerability=0):
"""Returns a list of pairs (BUG-NAME, DESCRIPTION)."""
if cursor is None:
cursor = self.cursor()
return list(cursor.execute(
- """SELECT name, description FROM bugs
- WHERE name > 'TEMP-' AND name LIKE 'TEMP-%'
- ORDER BY name"""))
+ """ SELECT DISTINCT b.name, b.description
+ FROM bugs AS b,
+ source_package_status AS st
+ WHERE
+ b.name = st.bug_name AND
+ st.vulnerable=? AND
+ st.bug_name > 'TEMP-' AND st.bug_name LIKE 'TEMP-%'
+ ORDER BY st.bug_name""",(vulnerability,)))
def getITPs(self, cursor):
"""Returns a generator for a list of unknown packages.
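Review bot: The rewritten query in getFakeBugs joins bugs against source_package_status, so a TEMP- issue with no status row is no longer returned for either value of `vulnerability` and silently drops off the fake-names page. The default `vulnerability=0` also changes what a caller passing no argument receives: previously every TEMP- bug, now only those with a `vulnerable = 0` row; if the column can hold values other than 0 and 1 (not visible here), those issues are missed as well. If the intent is "has an unfixed package" versus everything else, the second list could be selected from bugs alone with `NOT EXISTS (SELECT 1 FROM source_package_status st WHERE st.bug_name = b.name AND st.vulnerable = 1)`. The docstring is unchanged and should at least read `Returns pairs (BUG-NAME, DESCRIPTION) for TEMP- bugs that have a source_package_status row with the given vulnerable value.`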
@@ -1795,7 +1800,7 @@
def getEffectiveVersion(self, release, pkg, purpose, cache=None, cursor=None):
"""Retrieve the effective version of a source package in a release.
-
+
The effective version is the version that matches the recommended
sources.list file for the intended purpose. For suitable values
of purpose, see dist_config.
@@ -1895,7 +1900,7 @@
if archive:
print " archive:", archive
print " architecture:", architecture
-
+
def test():
assert mergeLists('', '') == [], mergeLists('', '')
assert mergeLists('', []) == []
@@ -1928,7 +1933,7 @@
b.comments
assert len(b.notes) == 4, len(b.notes)
-
+
for n in b.notes:
assert n.release is None
if n.package == 'pcre3':