[Secure-testing-commits] r31490 - lib/python
Florian Weimer
fw at moszumanska.debian.org
Sun Jan 18 11:00:11 UTC 2015
Author: fw
Date: 2015-01-18 11:00:10 +0000 (Sun, 18 Jan 2015)
New Revision: 31490
Modified:
lib/python/security_db.py
Log:
security_db.Db.getUnreportedVulnerabilities(): New method
Modified: lib/python/security_db.py
===================================================================
--- lib/python/security_db.py 2015-01-18 10:50:18 UTC (rev 31489)
+++ lib/python/security_db.py 2015-01-18 11:00:10 UTC (rev 31490)
@@ -1845,6 +1845,35 @@
st.bug_name > 'TEMP-' AND st.bug_name LIKE 'TEMP-%'
ORDER BY st.bug_name""",(vulnerability,)))
+ def getUnreportedVulnerabilities(self, cursor=None):
+ """Returns a list of pairs (BUG_NAME, DESCRIPTION)
+ of vulnerabilities which are unfixed in unstable and lack a filed bug.
+ """
+ if cursor is None:
+ cursor = self.cursor()
+ last_bug = None
+ result = []
+ for bug, pkg in cursor.execute(
+"""SELECT DISTINCT source_package_status.bug_name, source_packages.name
+ FROM source_packages
+ JOIN source_package_status
+ ON source_packages.rowid = source_package_status.package
+ JOIN package_notes
+ ON source_packages.name = package_notes.package
+ AND package_notes.bug_name = source_package_status.bug_name
+ AND source_packages.release = 'sid'
+ AND package_notes.release = ''
+ WHERE source_package_status.bug_name LIKE 'CVE-%'
+ AND package_notes.urgency <> 'unimportant'
+ AND package_notes.rowid NOT IN (SELECT note FROM debian_bugs)
+ AND source_package_status.vulnerable
+ ORDER BY source_package_status.bug_name, source_packages.name"""):
+ if last_bug is None or last_bug <> bug:
+ last_bug = bug
+ result.append((bug, []))
+ result[-1][1].append(pkg)
+ return result
+
def getITPs(self, cursor):
"""Returns a generator for a list of unknown packages.
Each entry has the form (PACKAGE, BUG-LIST, DEBIAN-BUG-LIST)."""
More information about the Secure-testing-commits
mailing list