[Git][security-tracker-team/security-tracker][master] 4 commits: Sort CVEs as versions
Emilio Pozuelo Monfort
pochu at debian.org
Fri Apr 30 13:32:54 BST 2021
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b0c641ac by Sylvain Beucler at 2021-04-30T14:31:02+02:00
Sort CVEs as versions
- - - - -
53ebc090 by Emilio Pozuelo Monfort at 2021-04-30T14:31:02+02:00
tracker_service: also sort CVEs on stable-like pages
- - - - -
fe08a6a9 by Emilio Pozuelo Monfort at 2021-04-30T14:31:02+02:00
security_db: replace base64.encodestring with encodebytes
It was an alias for the latter, and has finally been removed in
Python 3.9.
Likewise for decodestring.
- - - - -
74b6bd26 by Emilio Pozuelo Monfort at 2021-04-30T14:31:02+02:00
web_support: call parse_qs from urllib
The one from cgi has been removed in Python 3.8.
- - - - -
3 changed files:
- bin/tracker_service.py
- lib/python/security_db.py
- lib/python/web_support.py
Changes:
=====================================
bin/tracker_service.py
=====================================
@@ -712,7 +712,8 @@ to improve our documentation and procedures, so feedback is welcome.""")])])
self.db.cursor().execute(
"""SELECT package, bug, section, urgency, vulnerable, remote, no_dsa, no_dsa_reason
FROM %s_status
- WHERE (bug LIKE 'CVE-%%' OR bug LIKE 'TEMP-%%')""" % release):
+ WHERE (bug LIKE 'CVE-%%' OR bug LIKE 'TEMP-%%')
+ ORDER BY package, bug COLLATE version""" % release):
if bf.urgencyFiltered(urgency, vulnerable):
continue
if bf.remoteFiltered(remote):
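Review bot: The query text is still assembled with `% release`, so the table name `%s_status` comes from string formatting rather than a bound parameter, and the added `ORDER BY` line is now part of that formatted string. SQLite cannot bind identifiers, so the safe pattern is to check `release` against the fixed set of known release names before formatting. Where `release` originates is not visible in this hunk, so confirm it cannot carry request-supplied text. A comment above the `execute` call such as `# release is checked against the known release names; it is interpolated as an identifier` would record that assumption. The statement begins above the hunk.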
@@ -768,7 +769,8 @@ to improve our documentation and procedures, so feedback is welcome.""")])])
in self.db.cursor().execute(
"""SELECT package, bug, section, urgency, vulnerable,
unstable_vulnerable, testing_security_fixed, remote, no_dsa
- FROM testing_status"""):
+ FROM testing_status
+ ORDER BY package, bug COLLATE version"""):
if bf.urgencyFiltered(urgency, vulnerable):
continue
if bf.remoteFiltered(remote):
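Review bot: `COLLATE version` is not one of SQLite's built-in collations (BINARY, NOCASE, RTRIM), so every connection that runs this query must have registered it, or the statement fails with a "no such collation sequence" error. The registration is not part of this diff; presumably it happens where the database connection is opened. A comment such as `# relies on the custom 'version' collation registered when the connection is opened` would make that dependency visible. The same applies to the other `ORDER BY ... COLLATE version` lines added in this file and in lib/python/security_db.py.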
@@ -831,7 +833,7 @@ to improve our documentation and procedures, so feedback is welcome.""")])])
FROM source_package_status AS st, source_packages AS sp
WHERE st.vulnerable AND sp.rowid = st.package
AND sp.release = ? AND sp.subrelease = ''
- ORDER BY sp.name, st.bug_name""", (rel,)):
+ ORDER BY sp.name, st.bug_name COLLATE version""", (rel,)):
if bf.urgencyFiltered(urgency, vulnerable):
continue
if bf.remoteFiltered(remote):
@@ -992,7 +994,7 @@ checker to find out why they have not entered testing yet."""),
WHERE st.vulnerable == 2 AND sp.rowid = st.package
AND sp.release IN (""" + ",".join("?" * len(releases)) + """)
AND sp.subrelease = '' AND st.bug_name == bugs.name
- ORDER BY sp.name, st.bug_name""", releases):
+ ORDER BY sp.name, st.bug_name COLLATE version""", releases):
if old_bug == '':
old_bug = bug_name
@@ -1037,7 +1039,7 @@ checker to find out why they have not entered testing yet."""),
AND sp.release IN (""" + ",".join("?" * len(releases)) + """)
AND st.urgency == 'unimportant'
AND sp.subrelease = '' AND st.bug_name == bugs.name
- ORDER BY sp.name, st.bug_name""", releases):
+ ORDER BY sp.name, st.bug_name COLLATE version""", releases):
if old_bug == '':
old_bug = bug_name
@@ -1118,7 +1120,7 @@ package which is no longer in the archive."""),
AND n.bug_origin = ''
AND sp.name = n.package
AND sp.version LIKE '%:%'
- ORDER BY bug_name, package"""):
+ ORDER BY bug_name COLLATE version, package"""):
if bug == old_bug:
bug = ''
else:
=====================================
lib/python/security_db.py
=====================================
@@ -138,14 +138,7 @@ BugsForSourcePackage_query = \
JOIN source_packages sp ON (st.package = sp.rowid)
WHERE sp.name = ?
AND (bugs.name LIKE 'CVE-%' OR bugs.name LIKE 'TEMP-%')
- ORDER BY
- -- 'COLLATE natorder' emulation, using 0-padding (MR#76)
- -- e.g. CVE-2016-1000393 -> CVE-2016-0001000393
- CASE substr(bugs.name,1,3)
- WHEN 'CVE' THEN
- substr(bugs.name,1,9) || substr("0000000000"||substr(bugs.name, 10, 10), -10)
- ELSE bugs.name
- END DESC, sp.release"""
+ ORDER BY bugs.name COLLATE version DESC, sp.release"""
# Sort order is important for the groupby operation below.
def getBugsForSourcePackage(cursor, pkg):
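Review bot: The new `ORDER BY bugs.name COLLATE version DESC, sp.release` orders rows by collation result only, while the comment below it says the order feeds a groupby. If two distinct names ever compare equal under the `version` collation (for example digit runs that differ only in leading zeros, assuming the collation compares them numerically), their rows can interleave by `sp.release` and end up split across several groups. Adding the raw name as a tiebreaker keeps identical names adjacent: `ORDER BY bugs.name COLLATE version DESC, bugs.name DESC, sp.release`. The groupby itself is outside this hunk, so confirm that it keys on the bug name.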
@@ -1576,7 +1569,7 @@ class DB:
kind, urgency_to_flag[urgency], remote,
fix_available,
package, fixed_version, description))
- result = base64.encodestring(zlib.compress(''.join(result).encode('utf-8'), 9))
+ result = base64.encodebytes(zlib.compress(''.join(result).encode('utf-8'), 9))
c.execute(
"INSERT OR REPLACE INTO debsecan_data (name, data) VALUES (?, ?)",
@@ -1747,7 +1740,7 @@ class DB:
source_packages.sort()
def store_value(name, value):
- value = base64.encodestring(zlib.compress(value.encode('utf-8'), 9))
+ value = base64.encodebytes(zlib.compress(value.encode('utf-8'), 9))
c.execute("""INSERT OR REPLACE INTO debsecan_data
VALUES (?, ?)""", (name, value))
@@ -1798,7 +1791,7 @@ class DB:
"""Returns the debsecan data item NAME."""
for (data,) in self.cursor().execute(
"SELECT data FROM debsecan_data WHERE name = ?", (name,)):
- return base64.decodestring(data)
+ return base64.decodebytes(data)
else:
return None
@@ -1943,14 +1936,14 @@ class DB:
WHERE bugs_notes.typ = 'TODO'
AND bugs_notes.comment <> 'check'
AND bugs.name = bugs_notes.bug_name
- ORDER BY name """)
+ ORDER BY name COLLATE version""")
else:
return cursor.execute(
"""SELECT DISTINCT bugs.name, bugs.description, bugs_notes.comment
FROM bugs_notes, bugs
WHERE bugs_notes.typ = 'TODO'
AND bugs.name = bugs_notes.bug_name
- ORDER BY name """)
+ ORDER BY name COLLATE version""")
def getBugXrefs(self, cursor, bug):
"""Returns a generator for a list of bug names. The listed
=====================================
lib/python/web_support.py
=====================================
@@ -30,6 +30,11 @@ try:
except ImportError:
from urllib.parse import quote as urllib_quote
+try:
+ from cgi import parse_qs
+except ImportError:
+ from urllib.parse import parse_qs
+
try:
from SocketServer import ThreadingMixIn
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
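Review bot: The added import tries `cgi.parse_qs` first, so every interpreter that still ships that deprecated alias uses it, and the `urllib.parse` implementation is reached only once the `cgi` import fails. The neighbouring blocks also try the Python 2 name first, but those modules do not exist on Python 3, whereas `cgi` does on many Python 3 versions. Trying `from urllib.parse import parse_qs` first and using `from urlparse import parse_qs` in the `except ImportError:` branch would select the maintained function on all Python 3 versions and drop the dependency on `cgi`.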
@@ -838,7 +843,7 @@ class WebServiceHTTP(WebServiceBase):
path = self.path[:pos]
if path[:1] != '/':
path = '/' + path
- params = cgi.parse_qs(self.path[pos + 1:])
+ params = parse_qs(self.path[pos + 1:])
return (path, params)
def route(self):
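Review bot: How the request query string is parsed on the changed line now depends on which `parse_qs` was imported and on the interpreter version. Recent Python 3 releases of `urllib.parse.parse_qs` split only on `&` by default, while older releases and the `cgi` alias also split on `;`. If a front-end proxy or cache treats `;` differently from this code, the two can disagree about which parameters a request carries, so a comment such as `# parse_qs: on current Python only '&' separates fields, ';' does not` is worth adding. `urllib.parse.parse_qs` also accepts `max_num_fields` to cap the number of fields parsed from untrusted input, which the `cgi` fallback does not. The enclosing method starts above the hunk.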
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9bd5c83c7a7e002cb1705eb64dcf56b5a52c0c83...74b6bd26b820b76a01a1ebb3dccd743efd90d23e