[Git][security-tracker-team/security-tracker][master] Drop lts-alt-cve-triage.sh script
Salvatore Bonaccorso
carnil at debian.org
Mon Apr 22 14:13:55 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72a11200 by Salvatore Bonaccorso at 2019-04-22T13:10:25Z
Drop lts-alt-cve-triage.sh script
The script was added as workaround for a security-tracker problem which
was tracked as https://bugs.debian.org/919977 where the security-tracker
behind CDN returned stale data for the json export.
After some changes on the infrastructure done by DSA the problem seem to
have gone. As such we do not need two scripts for the same thing as the
alternative script really was only added as workaround to keep LTS folks
having a working CVE triage script.
- - - - -
1 changed file:
- − bin/lts-alt-cve-triage.sh
Changes:
=====================================
bin/lts-alt-cve-triage.sh deleted
=====================================
@@ -1,38 +0,0 @@
-#!/bin/sh
-# Requires:
-# wget, html2text
-
-WDB="https://deb.freexian.com/extended-lts/tracker/status/release/oldstable"
-ENF="data/dla-needed.txt"
-OPF=$(tempfile)
-
-echo "Fetching tracker db from $WDB"
-wget -O "$OPF" -q "$WDB"
-html2text "$OPF" | grep "?$" | while read A B O ; do
- if echo $A | grep -q -E "^(CVE|TEMP)-" ; then
- CVE=$A
- else
- PACKAGE=$A
- CVE=$B
- fi
-
- # Sanitize package name for e.g. foo_(non-free)
- PACKAGE=${PACKAGE%%_*}
-
- if echo "$PACKAGE" | grep -q '^[-a-zA-Z0-9_][-a-zA-Z0-9_.]*$' ; then
- if [ -n "$CVE" ] ; then
- if grep -q "^$PACKAGE[[:space:]](" $ENF ; then
- echo "Supported $PACKAGE $CVE (Claimed)"
- elif grep -q "^$PACKAGE$" $ENF ; then
- echo "Supported $PACKAGE $CVE (Not claimed)"
- else
- echo "Supported $PACKAGE $CVE (Triage needed)"
- fi
- else
- echo "Empty CVE for $PACKAGE"
- fi
- else
- echo "Unknown characters in package name $PACKAGE."
- fi
-done
-rm -f "$OPF"
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72a1120047bdbb2eaa2b350f46cc89b3de3024d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72a1120047bdbb2eaa2b350f46cc89b3de3024d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190422/eb52a5c4/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list