[Git][security-tracker-team/security-tracker][master] 2 commits: dla: update zfs-linux status

[Sylvain Beucler (@beuc)]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29bf5a55 by Sylvain Beucler at 2025-02-19T16:37:29+01:00
dla: update zfs-linux status

- - - - -
45916928 by Sylvain Beucler at 2025-02-19T16:37:29+01:00
lts-cve-triage: drop broken --skip-dla-needed

Option was introduced back in c632dfb9f6f271352df47cbfbcc30c12321f5c84
/ 5e500cdc0df42519920f65d76c6f4c47f4089de3 to skip packages referenced
in dla-needed.txt, but never worked as intended: by default the script
already filters through unconditional 'pkg not in tracker.dla_needed'
tests, ever since the first revision, and was updated accordingly ever
since.

Dropping this option which causes confusion.

In the future, we might implement an option to skip dla-needed.txt
*itself*, as sometimes it's less confusing when all packages (triaged
or not) are displayed, though this can already be done simply by
temporarily truncating dla-needed.txt

- - - - -


2 changed files:

- bin/lts-cve-triage.py
- data/dla-needed.txt


Changes:

=====================================
bin/lts-cve-triage.py
=====================================
@@ -86,8 +86,6 @@ lists = collections.defaultdict(lambda: collections.defaultdict(lambda: []))
 
 parser = argparse.ArgumentParser(
     description='Find CVEs to triage')
-parser.add_argument('--skip-dla-needed', action='store_true',
-                    help='Skip packages already in dla-needed.txt')
 parser.add_argument('--skip-cache-update', action='store_true',
                     help='Skip updating the tracker data cache')
 parser.add_argument('--filter', nargs='+', choices=[x[0] for x in LIST_NAMES],
@@ -112,9 +110,6 @@ def add_to_list(key, pkg, issue):
 
 
 for pkg in tracker.iterate_packages():
-    if args.skip_dla_needed and pkg in tracker.dla_needed:
-        continue
-
     for issue in tracker.iterate_pkg_issues(pkg):
         status_in_lts = issue.get_status(RELEASES['lts'])
         status_in_next_lts = issue.get_status(RELEASES['next_lts'])


=====================================
data/dla-needed.txt
=====================================
@@ -326,4 +326,5 @@ xrdp
 --
 zfs-linux
   NOTE: 20250117: Added by Front-Desk (rouca)
+  NOTE: 20250219: Follow fixes from bookworm 12.9 (CVE-2013-20001, CVE-2023-49298) (Beuc/front-desk)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0c0b9c6a958de4277cb4132b738164f875d3bce1...45916928cc45083969a4ff888ff3660adfd2c923

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0c0b9c6a958de4277cb4132b738164f875d3bce1...45916928cc45083969a4ff888ff3660adfd2c923
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250219/8714dd1e/attachment-0001.htm>