[Git][security-tracker-team/security-tracker][master] An alternative triage script that works if the json sync is not working.
Ola Lundqvist
opal at debian.org
Sun Feb 10 15:55:59 GMT 2019
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cec172d5 by Ola Lundqvist at 2019-02-10T15:55:32Z
An alternative triage script that works if the json sync is not working.
- - - - -
1 changed file:
- + bin/lts-alt-cve-triage.sh
Changes:
=====================================
bin/lts-alt-cve-triage.sh
=====================================
@@ -0,0 +1,38 @@
+#!/bin/sh
+# Requires:
+# wget, html2text
+
+WDB="https://deb.freexian.com/extended-lts/tracker/status/release/oldstable"
+ENF="data/dla-needed.txt"
+OPF=$(tempfile)
+
+echo "Fetching tracker db from $WDB"
+wget -O "$OPF" -q "$WDB"
+html2text "$OPF" | grep "?$" | while read A B O ; do
+ if echo $A | grep -q -E "^(CVE|TEMP)-" ; then
+ CVE=$A
+ else
+ PACKAGE=$A
+ CVE=$B
+ fi
+
+ # Sanitize package name for e.g. foo_(non-free)
+ PACKAGE=${PACKAGE%%_*}
+
+ if echo "$PACKAGE" | grep -q '^[-a-zA-Z0-9_][-a-zA-Z0-9_.]*$' ; then
+ if [ -n "$CVE" ] ; then
+ if grep -q "^$PACKAGE[[:space:]](" $ENF ; then
+ echo "Supported $PACKAGE $CVE (Claimed)"
+ elif grep -q "^$PACKAGE$" $ENF ; then
+ echo "Supported $PACKAGE $CVE (Not claimed)"
+ else
+ echo "Supported $PACKAGE $CVE (Triage needed)"
+ fi
+ else
+ echo "Empty CVE for $PACKAGE"
+ fi
+ else
+ echo "Unknown characters in package name $PACKAGE."
+ fi
+done
+rm -f "$OPF"
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cec172d51bc647f5a51554bc3ffd882883650e52
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cec172d51bc647f5a51554bc3ffd882883650e52
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190210/10b9e6c8/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list