[Git][security-tracker-team/security-tracker][master] 2 commits: tracker_service: Fix generation of references for followup DSAs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 6 16:04:53 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0108d353 by Salvatore Bonaccorso at 2024-01-06T16:58:59+01:00
tracker_service: Fix generation of references for followup DSAs
As noted by Thomas Lange, incremented DSA references were as well
pointing to the unversioned DSA page, for instance
https://security-tracker.debian.org/tracker/DSA-5576-2 refers in its
source field to https://www.debian.org/security/2023/dsa-5576 which will
redirect to the DSA-5576-1 announce mail.
Add logic to the url_dsa to only refer to the unversioned DSA reference
for the initial revision. Followups, either due to regression or
incomplete security fix will refer to the respective revision.
As a later change on the debian-www side will potentially make the
unversioned DSA entries refer to the latest mailing list post about a
DSA, a followup commit might actually simplify the logic to always
generate the reference with the respective revision.
Reported-by: Thomas Lange <lange at cs.uni-koeln.de>
Link: https://lists.debian.org/debian-security/2024/01/msg00001.html
Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>
- - - - -
d2650dd3 by Salvatore Bonaccorso at 2024-01-06T16:04:42+00:00
Merge branch 'dsa-source-references' into 'master'
tracker_service: Fix generation of references for followup DSAs
See merge request security-tracker-team/security-tracker!157
- - - - -
1 changed file:
- bin/tracker_service.py
Changes:
=====================================
bin/tracker_service.py
=====================================
@@ -1548,16 +1548,20 @@ Debian bug number.'''),
def url_web_search_bug(self, url, name):
return url.absolute("https://duckduckgo.com/html", q='"%s"' % name)
- def url_dsa(self, url, dsa, re_dsa=re.compile(r'^DSA-(\d+)(?:-\d+)?$')):
+ def url_dsa(self, url, dsa, re_dsa=re.compile(r'^DSA-(\d+)(-\d+)?$')):
match = re_dsa.match(dsa)
if match:
+ (number,revision) = match.groups()
+ if revision == "-1":
+ link = "dsa-%d" % int(number)
+ else:
+ link = dsa.lower()
# We must determine the year because there is no generic URL.
- (number,) = match.groups()
for (date,) in self.db.cursor().execute(
"SELECT release_date FROM bugs WHERE name = ?", (dsa,)):
(y, m, d) = date.split('-')
- return url.absolute("https://www.debian.org/security/%d/dsa-%d"
- % (int(y), int(number)))
+ return url.absolute("https://www.debian.org/security/%d/%s"
+ % (int(y), link))
return None
def url_dla(self, url, dla, re_dla=re.compile(r'^DLA-(\d+)(-\d+)?$')):
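Review bot: In the new `if revision == "-1":` test, a name without a revision suffix is handled only implicitly. The pattern's `(-\d+)?` group is optional, so `revision` can be `None`, which falls into the `else` branch and yields `dsa.lower()`. That happens to give the same unversioned `dsa-<number>` link, but the intent would be clearer as `if revision in (None, "-1"):`, with a short comment stating that only the initial revision maps to the unversioned page. The two branches also build the link differently: the first formats `int(number)` while the second reuses the name as passed in, and a one-line comment on that would help the follow-up simplification the commit message anticipates.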
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7bcdca5ec97a8824c55de27383806aa00f55713d...d2650dd3180670437169c2214ca9122a56f28037