[Secure-testing-commits] r58125 - bin

[Guido Guenther]

Author: agx
Date: 2017-11-29 21:38:11 +0000 (Wed, 29 Nov 2017)
New Revision: 58125

Modified:
   bin/report-vuln
Log:
report-vuln: Support generation of mail headers

Modified: bin/report-vuln
===================================================================
--- bin/report-vuln	2017-11-29 21:25:13 UTC (rev 58124)
+++ bin/report-vuln	2017-11-29 21:38:11 UTC (rev 58125)
@@ -8,14 +8,14 @@
 #
 # report-vuln(){
 #     TMPFILE="$HOME/reportbug.tmp"
-#     $HOME/debian/svn/secure-testing/bin/report-vuln "$@" > $TMPFILE
-#     mutt -i $TMPFILE submit at bugs.debian.org
+#     $HOME/debian/svn/secure-testing/bin/report-vuln -m "$@" > $TMPFILE
+#     mutt -H $TMPFILE
 #     rm $TMPFILE
 # }
 #
 # in bash, this can be simply:
 #
-# mutt -i <($HOME/debian/svn/secure-testing/bin/report-vuln) submit at bugs.debian.org
+# mutt -H <($HOME/debian/svn/secure-testing/bin/report-vuln -m <pkg> <CVE>)
 #
 # export http_proxy if you need to use an http proxy to report bugs
 
@@ -113,21 +113,28 @@
 
     return ret + '\n'
 
-def gen_text(pkg, cveid, blanks=False, severity=None, affected=None, cc=False, cclist=None, src=False):
+def gen_text(pkg, cveid, blanks=False, severity=None, affected=None, cc=False, cclist=None, src=False, mh=False):
     vuln_suff = 'y'
     cve_suff = ''
     time_w = 'was'
     temp_id_cnt = 0
+    header = ''
 
+    if mh:
+        header += '''To: submit at bugs.debian.org
+Subject: %s: %s
+
+''' % (pkg, ' '.join(cveid))
+
     if len(cveid) > 1:
         cve_suff = 's'
         vuln_suff = 'ies'
         time_w = 'were'
 
     if src:
-        header = '''Source: %s\n''' % (pkg)
+        header += '''Source: %s\n''' % (pkg)
     else:
-        header = '''Package: %s\n''' % (pkg)
+        header += '''Package: %s\n''' % (pkg)
 
     if affected is None:
         if blanks:
@@ -212,6 +219,7 @@
     parser.add_argument('--cc-list', dest='cclist', default=['team at security.debian.org', 'secure-testing-team at lists.alioth.debian.org'],
                         help='list of addresses to add in CC (default: %(default)s)')
     parser.add_argument('--src', action="store_true", help='report against source package')
+    parser.add_argument('-m', '--mail-header', action="store_true", help='generate a mail header')
     parser.add_argument('pkg', help='affected package')
     parser.add_argument('cve', nargs='+', help='relevant CVE for this source package, may be used multiple time if the issue has multiple CVEs')
     args = parser.parse_args()
@@ -231,7 +239,7 @@
         if not c.match(arg) and not temp_id.match(arg):
             error(arg + ' does not seem to be a valid CVE id')
 
-    gen_text(pkg, cve, affected=args.affected, blanks=args.blanks, severity=args.severity, cc=args.cc, cclist=args.cclist, src=args.src)
+    gen_text(pkg, cve, affected=args.affected, blanks=args.blanks, severity=args.severity, cc=args.cc, cclist=args.cclist, src=args.src, mh=args.mail_header)
 
 if __name__ == '__main__':
     main()