[Git][security-tracker-team/security-tracker][master] Revert "bugs.py: Hint towards a typo issue on check"

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 2 06:26:19 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0fb7fd76 by Salvatore Bonaccorso at 2023-08-02T07:24:40+02:00
Revert "bugs.py: Hint towards a typo issue on check"

This reverts commit 63a9aa4515f4335203346034dcf842b067ab0fcc.

Samuel Henrique reported on IRC to get a message "release note must
follow its package note" when trying to commit

	diff --git c/data/CVE/list i/data/CVE/list
	index 5f829a4c..a3741dd6 100644
	--- c/data/CVE/list
	+++ i/data/CVE/list
	@@ -92086,10 +92086,12 @@ CVE-2022-28702 (Incorrect Default Permissions vulnerability in ABB e-Design allo
	 CVE-2022-1615 (In Samba, GnuTLS gnutls_rnd() can fail and give predictable random val ...)
	  [experimental] - samba 2:4.17.0+dfsg-1
	  - samba 2:4.16.5+dfsg-2 (bug #1021024)
	+ [buster] - sambda <not-affected> (Vulnerable code introduced later)
	  [bullseye] - samba <postponed> (Minor issue)
	  NOTE: https://bugzilla.samba.org/show_bug.cgi?id=15103
	  NOTE: https://gitlab.com/samba-team/samba/-/merge_requests/2644
	- NOTE: https://gitlab.com/samba-team/samba/-/commit/9849e7440e30853c61a80ce1f11b7b244ed766fe (samba-4.17.0rc1)
	+ NOTE: Introduced by: https://gitlab.com/samba-team/samba/-/commit/664eed2e926f8f572b81e6d7c8e09b7ccbafb908 (samba-4.12.0)
	+ NOTE: Fixed by: https://gitlab.com/samba-team/samba/-/commit/9849e7440e30853c61a80ce1f11b7b244ed766fe (samba-4.17.0rc1)
	 CVE-2022-1614 (The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visi ...)
	  NOT-FOR-US: WordPress plugin
	 CVE-2022-1613 (The Restricted Site Access WordPress plugin before 7.3.2 prioritizes g ...)

In this case the error comes because of the release "[buster] - sambda
..." does not follow a package note "- sambda ...", which hints this
time to a possible typo in the source package name. If the source
package name would have been correct, the syntax check would have
indicated the wrong order next.

But this is not generally only a hint to a typo. Samewise the message
would come if two source package entries are covered and a release note
is put before the actual package note, e.g.

	- linux ...
	[buster] - amd64-microcode ...
	- amd64-microcode

Revert the change as the hint is given to check if something is wrong
adding the release note. It *might* be a typo in the source package
note, but it might be as well a release note which is misplaced but
valid.

That said, this hints at that the notation of 'package note' and
'release note' is not sufficiently well explained and might need some
clarification in the message from the syntax check or documentation.

- - - - -


1 changed file:

- lib/python/bugs.py


Changes:

=====================================
lib/python/bugs.py
=====================================
@@ -754,9 +754,7 @@ class FileBase(debian_support.PackageFile):
                 #self.raiseSyntaxError("experimental release note must come before the package note")
                 pass
             elif note.release and note.release != debian_support.internRelease('experimental'):
-                self.raiseSyntaxError(
-                        "release note must follow its package note (typo in package name?)",
-                        lineno)
+                self.raiseSyntaxError("release note must follow its package note", lineno)
         else:
             if prev_note.release and note.release and prev_note.release < note.release:
                 self.raiseSyntaxError("release notes not ordered properly", lineno)
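
Review bot: The restored message on the `+` line, "release note must follow its package note", does not say which package the release note names, so a committer cannot tell a misspelled source package from a valid but misplaced release note, the two cases the commit message describes. Consider including the package name from the offending note in the message text, and explaining 'package note' and 'release note' in the message or documentation as the commit message proposes. Separately, the context at the top of the hunk still carries a commented-out raiseSyntaxError call followed by `pass`; a short comment stating why experimental release notes are exempt would read better than dead code.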



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fb7fd7672d868a738423e0b8ca96324354d2406
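
An added example, not the security tracker's own code: a simplified Python version of the ordering check that reproduces both situations from the commit message (misspelled package name, misplaced release note) and looks ahead in the entry to tell them apart. The note grammar, the function names and the sample entries are assumptions constructed for illustration.

```python
import re

# Simplified grammar (assumption): "[release] - package ..." or "- package ..."
NOTE_RE = re.compile(r"^\s*(?:\[(?P<release>[a-z]+)\]\s+)?-\s+(?P<package>\S+)")

# Sample entries built from the two cases in the commit message; the states
# in MISPLACED_ENTRY are constructed.
TYPO_ENTRY = [
    "\t[experimental] - samba 2:4.17.0+dfsg-1",
    "\t- samba 2:4.16.5+dfsg-2 (bug #1021024)",
    "\t[buster] - sambda <not-affected> (Vulnerable code introduced later)",
    "\t[bullseye] - samba <postponed> (Minor issue)",
    "\tNOTE: https://bugzilla.samba.org/show_bug.cgi?id=15103",
]
MISPLACED_ENTRY = [
    "\t- linux <unfixed>",
    "\t[buster] - amd64-microcode <not-affected> (constructed)",
    "\t- amd64-microcode <unfixed>",
]

def parse_notes(lines):
    """Return (lineno, release or None, package) for each package/release note."""
    notes = []
    for lineno, line in enumerate(lines, 1):
        m = NOTE_RE.match(line)
        if m:  # NOTE: lines and anything else are ignored in this sketch
            notes.append((lineno, m.group("release"), m.group("package")))
    return notes

def check_entry(lines):
    """Flag non-experimental release notes that do not follow their package note."""
    notes, errors, prev_package = parse_notes(lines), [], None
    for i, (lineno, release, package) in enumerate(notes):
        if package != prev_package and release and release != "experimental":
            # Both cases hit the same condition; look ahead to separate them.
            later = any(r is None and p == package for _, r, p in notes[i + 1:])
            cause = ("package note appears later (misplaced release note)" if later
                     else "no package note for this name in the entry (typo?)")
            errors.append((lineno, package, cause))
            continue  # keep the last good package so one error does not cascade
        prev_package = package
    return errors

if __name__ == "__main__":
    for entry in (TYPO_ENTRY, MISPLACED_ENTRY):
        for lineno, package, cause in check_entry(entry):
            print(f"line {lineno}: release note for {package!r} "
                  f"must follow its package note: {cause}")
```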
