[Git][security-tracker-team/security-tracker][master] lts: take glib2.0

Emilio Pozuelo Monfort pochu at debian.org
Thu Feb 18 11:19:08 GMT 2021 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d16cfb47 by Emilio Pozuelo Monfort at 2021-02-18T12:19:01+01:00
lts: take glib2.0

- - - - -


2 changed files:

- bin/merge-cve-files
- data/dla-needed.txt


Changes:

=====================================
bin/merge-cve-files
=====================================
@@ -10,7 +10,7 @@ import sys
 
 import setup_paths  # noqa
 from debian_support import internRelease
-from sectracker.parsers import cvelist, writecvelist, PackageAnnotation
+from sectracker.parsers import cvelist, writecvelist, PackageAnnotation, FlagAnnotation, XrefAnnotation
 
 def merge_annotations(annotations, new_annotation):
     if not isinstance(new_annotation, PackageAnnotation):
@@ -18,6 +18,23 @@ def merge_annotations(annotations, new_annotation):
 
     annotations = list(annotations)
 
+    annotations_for_pkg = [ann for ann in annotations \
+                           if isinstance(ann, PackageAnnotation) \
+                           and ann.package == new_annotation.package]
+    if not annotations_for_pkg:
+        if new_annotation.release:
+            raise ValueError(f"new annotation for {new_annotation.package}/{new_annotation.release} "
+                              "but there is no annotation for sid")
+        # new package, add it at the top
+        for idx, annotation in enumerate(annotations):
+            if isinstance(annotation, FlagAnnotation) \
+              or isinstance(annotation, XrefAnnotation):
+                continue
+
+            annotations.insert(idx, new_annotation)
+            return annotations
+
+
     # append/substitute the new one at the right place
     for idx, annotation in enumerate(annotations):
         if not isinstance(annotation, PackageAnnotation) \


=====================================
data/dla-needed.txt
=====================================
@@ -46,7 +46,7 @@ dnsmasq (Utkarsh)
 firmware-nonfree
   NOTE: 20201207: wait for the update in buster and backport that (Emilio)
 --
-glib2.0
+glib2.0 (Emilio)
 --
 golang-1.7
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d16cfb47ef460153669eee57eaec807be6b4fdcc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d16cfb47ef460153669eee57eaec807be6b4fdcc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210218/91737337/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list