[Secure-testing-commits] r33868 - / bin lib/python
Holger Levsen
holger at moszumanska.debian.org
Sun Apr 26 17:10:05 UTC 2015
Author: holger
Date: 2015-04-26 17:10:05 +0000 (Sun, 26 Apr 2015)
New Revision: 33868
Modified:
Makefile
bin/add-dsa-needed.sh
bin/tracker_data.py
bin/tracker_service.py
lib/python/debian_support.py
lib/python/dist_config.py
lib/python/security_db.py
Log:
add support for oldoldstable and stretch and make jessie the new stable release
Modified: Makefile
===================================================================
--- Makefile 2015-04-26 16:47:49 UTC (rev 33867)
+++ Makefile 2015-04-26 17:10:05 UTC (rev 33868)
@@ -10,11 +10,13 @@
squeeze_LTS_ARCHS = amd64 i386
wheezy_ARCHS = amd64 armel armhf i386 ia64 mips mipsel powerpc s390 s390x sparc kfreebsd-i386 kfreebsd-amd64
jessie_ARCHS = amd64 arm64 armel armhf i386 mips mipsel powerpc ppc64el s390x
+stretch_ARCHS = amd64 arm64 armel armhf i386 mips mipsel powerpc ppc64el s390x
sid_ARCHS = amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-i386 kfreebsd-amd64 mips mipsel powerpc ppc64el s390x sparc
-OLDSTABLE = squeeze
-STABLE = wheezy
-TESTING = jessie
+OLDOLDSTABLE = squeeze
+OLDSTABLE = wheezy
+STABLE = jessie
+TESTING = stretch
all:
$(PYTHON) bin/update-db data/security.db
@@ -115,7 +117,23 @@
done ; \
done
-.PHONY: update-security update-old-security update-testing-security
+update-oldoldstable:
+ set -e ; for rel in $(OLDOLDSTABLE) ; do \
+ for archive in main contrib non-free ; do \
+ $(PYTHON) bin/apt-update-file \
+ $(MIRROR)/dists/$$rel/$$archive/source/Sources \
+ data/packages/$${rel}__$${archive}_Sources ; \
+ done ; \
+ for arch in $($(OLDOLDSTABLE)_ARCHS) ; do \
+ for archive in main contrib non-free ; do \
+ $(PYTHON) bin/apt-update-file \
+ $(MIRROR)/dists/$$rel/$$archive/binary-$$arch/Packages \
+ data/packages/$${rel}__$${archive}_$${arch}_Packages ; \
+ done ; \
+ done ; \
+ done
+
+.PHONY: update-security update-old-security update-oldold-security update-testing-security
ST_MIRROR = http://security.debian.org/dists/$(TESTING)/updates
ST_FILE = data/packages/$(TESTING)_security_
update-testing-security:
@@ -127,7 +145,7 @@
done
SEC_MIRROR = http://security.debian.org/dists
-update-security: update-old-security
+update-security: update-old-security update-oldold-security
for archive in $(STABLE); do \
for section in main contrib non-free ; do \
$(PYTHON) bin/apt-update-file \
@@ -141,7 +159,7 @@
done ; \
done
-update-old-security: update-lts
+update-old-security:
for archive in $(OLDSTABLE); do \
for section in main contrib non-free ; do \
$(PYTHON) bin/apt-update-file \
@@ -155,9 +173,23 @@
done ; \
done
-update-lts: update-lts-$(OLDSTABLE)
+update-oldold-security: update-lts
+ for archive in $(OLDOLDSTABLE); do \
+ for section in main contrib non-free ; do \
+ $(PYTHON) bin/apt-update-file \
+ $(SEC_MIRROR)/$$archive/updates/$$section/source/Sources \
+ data/packages/$${archive}_security_$${section}_Sources ; \
+ for arch in $($(OLDOLDSTABLE)_ARCHS) ; do \
+ $(PYTHON) bin/apt-update-file \
+ $(SEC_MIRROR)/$$archive/updates/$$section/binary-$$arch/Packages \
+ data/packages/$${archive}_security_$${section}_$${arch}_Packages ; \
+ done ; \
+ done ; \
+ done
-update-lts-$(OLDSTABLE):
+update-lts: update-lts-$(OLDOLDSTABLE)
+
+update-lts-$(OLDOLDSTABLE):
set -e && archive=$(shell echo $@ | cut -d- -f3) ; \
for arch in $($(shell echo $@ | cut -d- -f3)_LTS_ARCHS) ; do \
$(PYTHON) bin/apt-update-file \
@@ -169,9 +201,9 @@
data/packages/$${archive}-lts__main_Sources ; \
BACKPORTS_MIRROR = http://ftp.de.debian.org/debian-backports/dists
-update-backports: update-backports-$(STABLE) update-backports-$(OLDSTABLE)
+update-backports: update-backports-$(STABLE) update-backports-$(OLDSTABLE) update-backports-$(OLDOLDSTABLE)
-update-backports-$(OLDSTABLE):
+update-backports-$(OLDOLDSTABLE):
set -e && archive=$(shell echo $@ | cut -d- -f3) ; \
for arch in $($(shell echo $@ | cut -d- -f3)_ARCHS) ; do \
$(PYTHON) bin/apt-update-file \
@@ -204,4 +236,4 @@
done
python bin/update-nvd data/nvd/nvdcve-*.xml
-update-all: update-nvd update-lists update-packages update-oldstable update-stable update-security update-testing-security update-packages update-backports all
+update-all: update-nvd update-lists update-packages update-oldstable update-oldoldstable update-stable update-security update-testing-security update-packages update-backports all
Modified: bin/add-dsa-needed.sh
===================================================================
--- bin/add-dsa-needed.sh 2015-04-26 16:47:49 UTC (rev 33867)
+++ bin/add-dsa-needed.sh 2015-04-26 17:10:05 UTC (rev 33868)
@@ -47,7 +47,7 @@
;;
esac
-for release in oldstable stable; do
+for release in oldoldstable oldstable stable; do
HOME=$tmpd w3m $turl/$release > $tmpd/$release.txt
touch $tmpd/toadd-$release.txt
seen_marker=false
@@ -76,16 +76,17 @@
done < $tmpd/$release.txt
done
-cat $tmpd/toadd-stable.txt $tmpd/toadd-oldstable.txt | sort | uniq -d |
+cat $tmpd/toadd-stable.txt $tmpd/toadd-oldstable.txt $tmpd/toadd-oldoldstable.txt | sort | uniq -d |
while read pkg; do
printf "%s\n--\n" "$pkg" >> $output
sed -ri "/^$pkg\$/d" $tmpd/toadd-stable.txt
sed -ri "/^$pkg\$/d" $tmpd/toadd-oldstable.txt
+ sed -ri "/^$pkg\$/d" $tmpd/toadd-oldoldstable.txt
done
-# Skip oldstable for now as it is an LTS release, tracked with
+# Skip oldoldstable for now as it is an LTS release, tracked with
# dla-needed:
-for release in stable; do
+for release in oldstable stable; do
while read pkg; do
printf "%s/%s\n--\n" "$pkg" "$release" >> $output
done < $tmpd/toadd-$release.txt
Modified: bin/tracker_data.py
===================================================================
--- bin/tracker_data.py 2015-04-26 16:47:49 UTC (rev 33867)
+++ bin/tracker_data.py 2015-04-26 17:10:05 UTC (rev 33868)
@@ -22,9 +22,10 @@
import six
RELEASES = {
- 'oldstable': 'squeeze',
- 'stable': 'wheezy',
- 'testing': 'jessie',
+ 'oldoldstable': 'squeeze',
+ 'oldstable': 'wheezy',
+ 'stable': 'jessie',
+ 'testing': 'stretch',
'unstable': 'sid',
'experimental': 'experimental',
# LTS specific aliases
Modified: bin/tracker_service.py
===================================================================
--- bin/tracker_service.py 2015-04-26 16:47:49 UTC (rev 33867)
+++ bin/tracker_service.py 2015-04-26 17:10:05 UTC (rev 33868)
@@ -127,6 +127,8 @@
self.register('*', self.page_object)
self.register('redirect/*', self.page_redirect)
self.register('source-package/*', self.page_source_package)
+ self.register('status/release/oldoldstable',
+ self.page_status_release_oldoldstable)
self.register('status/release/oldstable',
self.page_status_release_oldstable)
self.register('status/release/stable', self.page_status_release_stable)
@@ -134,6 +136,8 @@
self.page_status_release_stable_backports)
self.register('status/release/oldstable-backports',
self.page_status_release_oldstable_backports)
+ self.register('status/release/oldoldstable-backports',
+ self.page_status_release_oldoldstable_backports)
self.register('status/release/testing',
self.page_status_release_testing)
self.register('status/release/unstable',
@@ -224,6 +228,10 @@
'Vulnerable packages in the oldstable suite'),
('status/release/oldstable-backports',
'Vulnerable packages in backports for oldstable'),
+ ('status/release/oldoldstable',
+ 'Vulnerable packages in the oldoldstable suite'),
+ ('status/release/oldoldstable-backports',
+ 'Vulnerable packages in backports for oldoldstable'),
('status/dtsa-candidates', "Candidates for DTSAs"),
('status/todo', 'TODO items'),
('status/undetermined', 'Packages that may be vulnerable but need to be checked (undetermined issues)'),
@@ -658,8 +666,8 @@
replacement='No known security announcements.')
])
- def page_status_release_stable_oldstable(self, release, params, url):
- assert release in ('stable', 'oldstable')
+ def page_status_release_stable_oldstable_oldoldstable(self, release, params, url):
+ assert release in ('stable', 'oldstable', 'oldoldstable',)
bf = BugFilter(params)
@@ -711,10 +719,13 @@
self.nvd_text])
def page_status_release_stable(self, path, params, url):
- return self.page_status_release_stable_oldstable('stable', params, url)
+ return self.page_status_release_stable_oldstable_oldoldstable('stable', params, url)
def page_status_release_oldstable(self, path, params, url):
- return self.page_status_release_stable_oldstable('oldstable',
+ return self.page_status_release_stable_oldstable_oldoldstable('oldstable',
params, url)
+ def page_status_release_oldstable(self, path, params, url):
+ return self.page_status_release_stable_oldstable_oldoldstable('oldoldstable',
+ params, url)
def page_status_release_testing(self, path, params, url):
bf = BugFilter(params)
@@ -837,14 +848,21 @@
return self.page_status_release_unstable_like(
path, params, url,
title='Vulnerable source packages among backports for stable',
- rel='wheezy-backports')
+ rel='jessie-backports')
def page_status_release_oldstable_backports(self, path, params, url):
return self.page_status_release_unstable_like(
path, params, url,
title='Vulnerable source packages among backports for oldstable',
+ rel='wheezy-backports')
+
+ def page_status_release_oldoldstable_backports(self, path, params, url):
+ return self.page_status_release_unstable_like(
+ path, params, url,
+ title='Vulnerable source packages among backports for oldoldstable',
rel='squeeze-backports')
+
def page_status_dtsa_candidates(self, path, params, url):
bf = BugFilter(params,nonodsa=True)
@@ -941,14 +959,14 @@
old_pkg = ''
old_dsc = ''
last_displayed = ''
- releases = ('sid', 'jessie', 'wheezy', 'squeeze')
+ releases = ('sid', 'stretch', 'jessie', 'wheezy', 'squeeze')
for (pkg_name, bug_name, release, desc) in self.db.cursor().execute(
"""SELECT DISTINCT sp.name, st.bug_name, sp.release,
bugs.description
FROM source_package_status AS st, source_packages AS sp, bugs
WHERE st.vulnerable == 2 AND sp.rowid = st.package
AND ( sp.release = ? OR sp.release = ? OR sp.release = ?
- OR sp.release = ? )
+ OR sp.release = ? OR sp.release = ? )
AND sp.subrelease = '' AND st.bug_name == bugs.name
ORDER BY sp.name, st.bug_name""", releases):
@@ -986,14 +1004,14 @@
old_dsc = ''
old_name = ''
last_displayed = ''
- releases = ('sid', 'jessie', 'wheezy', 'squeeze')
+ releases = ('sid', 'stretch', 'jessie', 'wheezy', 'squeeze')
for (pkg_name, bug_name, release, desc) in self.db.cursor().execute(
"""SELECT DISTINCT sp.name, st.bug_name, sp.release,
bugs.description
FROM source_package_status AS st, source_packages AS sp, bugs
WHERE st.vulnerable > 0 AND sp.rowid = st.package
AND ( sp.release = ? OR sp.release = ? OR sp.release = ?
- OR sp.release = ? ) AND st.urgency == 'unimportant'
+ OR sp.release = ? OR sp.release = ? ) AND st.urgency == 'unimportant'
AND sp.subrelease = '' AND st.bug_name == bugs.name
ORDER BY sp.name, st.bug_name""", releases):
@@ -1260,7 +1278,7 @@
status = defaultdict(lambda: defaultdict(dict))
urgency = defaultdict(lambda: defaultdict(dict))
nodsa = defaultdict(lambda: defaultdict(dict))
- supported_releases = ('sid', 'jessie', 'wheezy', 'squeeze')
+ supported_releases = ('sid', 'stretch', 'jessie', 'wheezy', 'squeeze')
for (pkg, issue, desc, debianbug, release, subrelease, db_version, db_fixed_version, db_status, db_urgency, db_remote, db_nodsa) in self.db.cursor().execute(
"""SELECT sp.name, st.bug_name,
(SELECT cve_desc FROM nvd_data
@@ -1283,7 +1301,7 @@
FROM source_package_status AS st, source_packages AS sp, bugs
WHERE sp.rowid = st.package AND st.bug_name = bugs.name
AND ( sp.release = ? OR sp.release = ? OR sp.release = ?
- OR sp.release = ? )
+ OR sp.release = ? OR sp.release = ? )
ORDER BY sp.name, st.bug_name, sp.release, sp.subrelease""" , supported_releases):
### to ease debugging...:
Modified: lib/python/debian_support.py
===================================================================
--- lib/python/debian_support.py 2015-04-26 16:47:49 UTC (rev 33867)
+++ lib/python/debian_support.py 2015-04-26 17:10:05 UTC (rev 33868)
@@ -194,7 +194,7 @@
def listReleases():
releases = {}
rels = ("experimental", # For use in [brackets] in the list files.
- "potato", "woody", "sarge", "etch", "lenny", "squeeze", "wheezy", "jessie", "sid")
+ "potato", "woody", "sarge", "etch", "lenny", "squeeze", "wheezy", "jessie", "stretch", "sid")
for r in range(len(rels)):
releases[rels[r]] = Release(rels[r], r)
Release.releases = releases
Modified: lib/python/dist_config.py
===================================================================
--- lib/python/dist_config.py 2015-04-26 16:47:49 UTC (rev 33867)
+++ lib/python/dist_config.py 2015-04-26 17:10:05 UTC (rev 33868)
@@ -41,6 +41,7 @@
squeeze_archs = common_archs + ['s390','ia64','kfreebsd-amd64','kfreebsd-i386','sparc' ]
wheezy_archs = squeeze_archs + ['armhf','s390x' ]
jessie_archs = common_archs + [ 'arm64','armhf','ppc64el' ]
+ stretch_archs = jessie_archs
add_release(name='squeeze',
architectures=squeeze_archs,
@@ -54,6 +55,10 @@
architectures=jessie_archs,
)
+ add_release(name='stretch',
+ architectures=stretch_archs,
+ )
+
add_release(name='sid',
architectures=jessie_archs,
)
Modified: lib/python/security_db.py
===================================================================
--- lib/python/security_db.py 2015-04-26 16:47:49 UTC (rev 33867)
+++ lib/python/security_db.py 2015-04-26 17:10:05 UTC (rev 33868)
@@ -367,7 +367,7 @@
AND sp.release = 'jessie' AND sp.subrelease = ''
ORDER BY sp.name, st.urgency, st.bug_name""")
- for (name, nickname) in (('stable', 'wheezy'), ('oldstable', 'squeeze'),):
+ for (name, nickname) in (('stable', 'jessie'), ('oldstable', 'wheezy'), ('oldoldstable', 'squeeze'),):
cursor.execute(
"""CREATE TEMPORARY VIEW %s_status AS
SELECT DISTINCT sp.name AS package, st.bug_name AS bug,
@@ -452,7 +452,7 @@
return -1
self.db.createscalarfunction("subreleasepart_to_number", subreleasepart_to_number, 1)
- releases = ['potato', 'woody', 'sarge', 'etch', 'lenny', 'squeeze', 'wheezy', 'jessie', 'sid']
+ releases = ['potato', 'woody', 'sarge', 'etch', 'lenny', 'squeeze', 'wheezy', 'jessie', 'stretch', 'sid']
def release_to_number(u):
try:
return releases.index(u)
@@ -1129,9 +1129,10 @@
"SELECT name FROM bugs WHERE NOT not_for_us"):
self._calcUnstable(c, bug_name)
- self._calcTesting(c, bug_name, 'testing', 'jessie')
- self._calcTesting(c, bug_name, 'stable', 'wheezy')
- self._calcTesting(c, bug_name, 'oldstable', 'squeeze')
+ self._calcTesting(c, bug_name, 'testing', 'stretch')
+ self._calcTesting(c, bug_name, 'stable', 'jessie')
+ self._calcTesting(c, bug_name, 'oldstable', 'wheezy')
+ self._calcTesting(c, bug_name, 'oldoldstable', 'squeeze')
return result
@@ -1580,7 +1581,7 @@
store_value('release/1/' + release, '\n'.join(result))
- for release in ('sid', 'squeeze', 'wheezy', 'jessie'):
+ for release in ('sid', 'squeeze', 'wheezy', 'jessie', 'stretch'):
gen_release(release)
result = result_start
@@ -1593,7 +1594,7 @@
def calculateDebsecan(self):
"""Calculate all debsecan data."""
- for release in ('', 'squeeze', 'wheezy', 'jessie'):
+ for release in ('', 'squeeze', 'wheezy', 'jessie', 'stretch'):
self.calculateDebsecan0(release)
self.calculateDebsecan1()
@@ -1630,7 +1631,7 @@
"""SELECT release_name(release, subrelease, archive)
AS release, version FROM source_packages
WHERE name = ?
- AND release IN ('squeeze', 'wheezy', 'jessie', 'sid')
+ AND release IN ('squeeze', 'wheezy', 'jessie', 'stretch', 'sid')
GROUP BY release, version
ORDER BY release_to_number(release), subrelease_to_number(subrelease), version COLLATE version""", (pkg,)):
yield release, version
@@ -1685,7 +1686,7 @@
p.version AS version, s.vulnerable AS vulnerable
FROM source_package_status AS s, source_packages AS p
WHERE s.bug_name = ? AND p.rowid = s.package
- AND release in ('squeeze', 'wheezy', 'jessie', 'sid'))
+ AND release in ('squeeze', 'wheezy', 'jessie', 'stretch', 'sid'))
GROUP BY package, version, vulnerable
ORDER BY package, releasepart_to_number(release), subreleasepart_to_number(release), version COLLATE version""",
(bug,)):
@@ -1734,7 +1735,7 @@
st.urgency = 'unimportant' OR NOT vulnerable AS unimportant
FROM source_packages AS sp, source_package_status AS st, bugs
WHERE sp.name = ?
- AND sp.release IN ('squeeze', 'wheezy', 'jessie', 'sid')
+ AND sp.release IN ('squeeze', 'wheezy', 'jessie', 'stretch', 'sid')
AND sp.subrelease <> 'security' AND sp.subrelease <> 'lts'
AND st.package = sp.rowid
AND bugs.name = st.bug_name
More information about the Secure-testing-commits
mailing list