[Git][security-tracker-team/security-tracker][master] Revert "lts: take thunderbird"
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Nov 15 08:46:02 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3d5b95ea by Salvatore Bonaccorso at 2025-11-15T09:45:07+01:00
Revert "lts: take thunderbird"
This partially reverts commit 641d411f9d9992ff74eeffd7a992d77cde2390e9.
Revert the security db code changes.
- - - - -
1 changed file:
- lib/python/security_db.py
Changes:
=====================================
lib/python/security_db.py
=====================================
@@ -43,17 +43,12 @@ import sys
import time
import zlib
-import datetime
-
import config
import debian_support
from debian_support import PointUpdateParser
from helpers import isstring
-def debug(str):
- print(f'{datetime.datetime.now()}: {str}')
-
class InsertError(Exception):
"""Class for capturing insert errors.
@@ -295,7 +290,7 @@ class DB:
self._initSchema23(c)
elif v != self.schema_version:
if self.verbose:
- debug("DB: schema version mismatch: expected %d, got %d"
+ print("DB: schema version mismatch: expected %d, got %d"
% (self.schema_version, v))
raise SchemaMismatch(repr(v))
self._initViews(c)
@@ -324,9 +319,7 @@ class DB:
def commit(self, cursor):
"""Makes the changes in the transaction permanent."""
- debug("committing")
cursor.execute("COMMIT")
- debug("finished committing")
def rollback(self, cursor):
"""Undos the changes in the transaction."""
@@ -685,7 +678,7 @@ class DB:
return "source"
self.db.createscalarfunction("source_arch", source_arch, 0)
- def filedebug(self, filename):
+ def filePrint(self, filename):
"""Returns a fingerprint string for filename."""
st = os.stat(filename)
@@ -694,11 +687,11 @@ class DB:
return repr((st.st_size, st.st_ino, st.st_mtime, 1))
def _parseFile(self, cursor, filename):
- current_print = self.filedebug(filename)
+ current_print = self.filePrint(filename)
def do_parse(packages):
if self.verbose:
- debug(" reading " + repr(filename))
+ print(" reading " + repr(filename))
re_source = re.compile\
(r'^([a-zA-Z0-9.+-]+)(?:\s+\(([a-zA-Z0-9.+:~-]+)\))?$')
@@ -776,13 +769,13 @@ class DB:
"""Reads a directory of package files."""
if self.verbose:
- debug("readPackages:")
+ print("readPackages:")
self._readSourcePackages(cursor, directory)
self._readBinaryPackages(cursor, directory)
if self.verbose:
- debug(" finished")
+ print(" finished")
def _readSourcePackages(self, cursor, directory):
"""Reads from directory with source package files."""
@@ -790,10 +783,9 @@ class DB:
re_sources = re.compile(r'.*/([a-z-]+)_([a-z-]*)_([a-z-]+)_Sources$')
if self.verbose:
- debug(" reading source packages")
+ print(" reading source packages")
for filename in glob.glob(directory + '/*_Sources'):
- debug(f' processing {filename}...')
match = re_sources.match(filename)
if match is None:
raise ValueError("invalid file name: " + repr(filename))
@@ -829,7 +821,7 @@ class DB:
r'.*/([a-z-]+)_([a-z-]*)_([a-z-]+)_([a-z0-9-]+)_Packages$')
if self.verbose:
- debug(" reading binary packages")
+ print(" reading binary packages")
# First check for any changes.
@@ -837,18 +829,17 @@ class DB:
filenames.sort()
changed = False
for filename in filenames:
- debug(f' processing {filename}...')
changed = True
for (old_print,) in cursor.execute(
"SELECT inodeprint FROM inodeprints WHERE file = ?",
(filename,)):
- if self.filedebug(filename) == old_print:
+ if self.filePrint(filename) == old_print:
changed = False
if changed:
break
if not changed:
if self.verbose:
- debug(" finished (no changes)")
+ print(" finished (no changes)")
return
# Real import. We have to re-read all Packages files even if
@@ -884,11 +875,11 @@ class DB:
if unchanged:
if self.verbose:
- debug(" finished (no changes)")
+ print(" finished (no changes)")
return
if self.verbose:
- debug(" deleting old data")
+ print(" deleting old data")
cursor.execute("DELETE FROM binary_packages")
self._clearVersions(cursor)
@@ -906,7 +897,7 @@ class DB:
yield key + (archs,)
if self.verbose:
- debug(" storing binary package data")
+ print(" storing binary package data")
cursor.executemany(
"""INSERT INTO binary_packages
@@ -939,17 +930,17 @@ class DB:
def readBugs(self, cursor, path):
if self.verbose:
- debug("readBugs:")
+ print("readBugs:")
def clear_db(cleared=[False]):
# Avoid clearing the database multiple times.
if cleared[0]:
if self.verbose:
- debug(" finished (already cleared)")
+ print(" finished (already cleared)")
return
else:
if self.verbose:
- debug(" clearing database")
+ print(" clearing database")
cleared[0] = True
tables = ['debian_bugs', 'bugs', 'package_notes', 'bugs_notes', 'bugs_xref', 'package_notes_nodsa', 'ignored_packages', 'removed_packages', 'next_point_update']
@@ -962,7 +953,7 @@ class DB:
except:
# table does not exist
if self.verbose:
- debug(f"Table {table} does not exist")
+ print(f"Table {table} does not exist")
continue
if self.verbose:
print (f"Clearing table {table}")
@@ -978,7 +969,7 @@ class DB:
clear_db()
if self.verbose:
- debug(" reading " + repr(source.name))
+ print(" reading " + repr(source.name))
for bug in source:
try:
@@ -994,18 +985,18 @@ class DB:
map(lambda x: (x,), source.removed_packages.keys()))
def has_changed(filename):
- current_print = self.filedebug(filename)
+ current_print = self.filePrint(filename)
for (old_print,) in cursor.execute(
"SELECT inodeprint FROM inodeprints WHERE file = ?",
(filename,)):
if old_print == current_print:
if self.verbose:
- debug(" unchanged: " + repr(filename))
+ print(" unchanged: " + repr(filename))
return False
else:
if self.verbose:
- debug(" changed: " + repr(filename))
- debug(f" old: {old_print}, new: {current_print}")
+ print(" changed: " + repr(filename))
+ print(f" old: {old_print}, new: {current_print}")
return True
return True
@@ -1018,26 +1009,26 @@ class DB:
for filename in source_paths + [source_removed_packages, source_ignored_unreported]:
if has_changed(path + filename):
if self.verbose:
- debug(" changed: " + repr(path + filename))
+ print(" changed: " + repr(path + filename))
print (" clearing database")
changed_source = path + filename
break
if changed_source:
if self.verbose:
- debug(f" clearing database, because some files have changed (at least {changed_source})")
+ print(f" clearing database, because some files have changed (at least {changed_source})")
else:
if self.verbose:
- debug(" finished (no changes)")
+ print(" finished (no changes)")
return
clear_db()
def read_one(source):
if self.verbose:
- debug(" reading " + repr(source.name))
+ print(" reading " + repr(source.name))
filename = source.name
- current_print = self.filedebug(filename)
+ current_print = self.filePrint(filename)
do_parse(source)
cursor.execute(
@@ -1052,19 +1043,19 @@ class DB:
# Read list of packages, which were removed from the status/unreported
if self.verbose:
- debug(" update removed packages")
+ print(" update removed packages")
self.readRemovedAndIgnoredPackages(cursor, path + source_removed_packages, table = "removed_packages")
# Read list of packages, which should be ignored for the status/unreported
if self.verbose:
- debug(" update ignored packages")
+ print(" update ignored packages")
self.readRemovedAndIgnoredPackages(cursor, path + source_ignored_unreported, table = "ignored_packages")
errors = []
if self.verbose:
- debug(" check cross-references")
+ print(" check cross-references")
for (bug,) in cursor.execute(
"""SELECT DISTINCT target FROM bugs_xref
@@ -1074,7 +1065,7 @@ class DB:
errors.append("reference to unknown bug " + bug)
if self.verbose:
- debug(" copy notes")
+ print(" copy notes")
# Copy notes from DSA/DTSA/DLA to CVE.
@@ -1133,21 +1124,21 @@ class DB:
def read_next_point_update():
if self.verbose:
- debug(" insert next-point-update.txt/next-oldstable-point-update.txt")
+ print(" insert next-point-update.txt/next-oldstable-point-update.txt")
try:
release = 'stable'
insert_next_point_update(PointUpdateParser.parseNextPointUpdateStable(),
config.get_release_codename(release))
except ValueError:
- debug(f"No entry in config.json for release {release}, not adding point release data")
+ print(f"No entry in config.json for release {release}, not adding point release data")
try:
release = 'oldstable'
insert_next_point_update(PointUpdateParser.parseNextOldstablePointUpdate(),
config.get_release_codename(release))
except ValueError:
- debug(f"No entry in config.json for release {release}, not adding point release data")
+ print(f"No entry in config.json for release {release}, not adding point release data")
read_next_point_update()
@@ -1155,7 +1146,7 @@ class DB:
raise InsertError(errors)
if self.verbose:
- debug(" finished")
+ print(" finished")
def availableReleases(self, cursor=None):
"""Returns a list of tuples (RELEASE, ARCHIVE,
@@ -1206,15 +1197,15 @@ class DB:
"""Updates the linear version table."""
if self.verbose:
- debug("updateVersions:")
+ print("updateVersions:")
for x in cursor.execute("SELECT * FROM version_linear_order LIMIT 1"):
if self.verbose:
- debug(" finished (no changes)")
+ print(" finished (no changes)")
return
if self.verbose:
- debug(" reading")
+ print(" reading")
versions = []
for (v,) in cursor.execute(
@@ -1225,18 +1216,18 @@ class DB:
versions.append(debian_support.Version(v))
if self.verbose:
- debug(" calculating linear order")
+ print(" calculating linear order")
versions.sort()
if self.verbose:
- debug(" storing linear order")
+ print(" storing linear order")
for v in versions:
cursor.execute(
"INSERT INTO version_linear_order (version) VALUES (?)",
(str(v),))
if self.verbose:
- debug(" updating package notes")
+ print(" updating package notes")
cursor.execute(
"""UPDATE package_notes
SET fixed_version_id = (SELECT id FROM version_linear_order
@@ -1244,14 +1235,14 @@ class DB:
WHERE fixed_version IS NOT NULL""")
if self.verbose:
- debug(" updating source packages")
+ print(" updating source packages")
cursor.execute(
"""UPDATE source_packages
SET version_id = (SELECT id FROM version_linear_order
WHERE version = source_packages.version)""")
if self.verbose:
- debug(" finished")
+ print(" finished")
def calculateVulnerabilities(self, cursor):
"""Calculate vulnerable packages.
@@ -1267,8 +1258,8 @@ class DB:
self._updateVersions(cursor)
if self.verbose:
- debug("calculateVulnerabilities:")
- debug(" checking version consistency in package notes")
+ print("calculateVulnerabilities:")
+ print(" checking version consistency in package notes")
# The following does not work because stable->security ->
# testing -> unstable propagation is no longer available.
@@ -1294,7 +1285,7 @@ class DB:
% (b.source_file, b.source_line, repr(rel), rel_ver))
if self.verbose:
- debug(" checking source packages")
+ print(" checking source packages")
cursor.execute(
"""UPDATE package_notes SET package_kind = 'unknown'
WHERE package_kind IN ('source', 'binary')""")
@@ -1325,13 +1316,13 @@ class DB:
return result
if self.verbose:
- debug(" remove old status")
+ print(" remove old status")
cursor.execute("DELETE FROM source_package_status")
cursor.execute("DELETE FROM bug_status")
if self.verbose:
- debug(" calculate package status")
- debug(" source packages (unqualified)")
+ print(" calculate package status")
+ print(" source packages (unqualified)")
cursor.execute(
"""INSERT INTO source_package_status
@@ -1348,7 +1339,7 @@ class DB:
# therefore we use INSERT OR REPLACE.
if self.verbose:
- debug(" source packages (qualified)")
+ print(" source packages (qualified)")
cursor.execute(
"""INSERT OR REPLACE INTO source_package_status
SELECT n.bug_name, p.rowid,
@@ -1363,7 +1354,7 @@ class DB:
# assign nvd urgencies to those that have not yet been assigned
if self.verbose:
- debug(" insert nvd urgencies")
+ print(" insert nvd urgencies")
cursor.execute(
"""REPLACE INTO source_package_status
SELECT s.bug_name, s.package, s.vulnerable,
@@ -1390,7 +1381,7 @@ class DB:
# Calculate the release-specific bug status.
if self.verbose:
- debug(" calculate release status")
+ print(" calculate release status")
c = self.cursor()
@@ -1406,9 +1397,6 @@ class DB:
alias = config.get_release_alias(release)
self._calcTesting(c, bug_name, alias, release)
- if self.verbose:
- debug(" done")
-
return result
def _calcUnstable(self, cursor, bug_name):
@@ -2251,7 +2239,7 @@ class DB:
# Add file print to database for removed packages
- current_print = self.filedebug(filename)
+ current_print = self.filePrint(filename)
cursor.execute(
"""INSERT OR REPLACE INTO inodeprints (inodeprint, file)
VALUES (?, ?)""", (current_print, filename))
@@ -2358,13 +2346,13 @@ f"""SELECT DISTINCT source_package_status.bug_name, source_packages.name
AND sp.release = binary_packages.release
AND sp.archive = binary_packages.archive)
"""):
- debug("error: binary package without source package")
- debug(" binary package:", package)
- debug(" release:", release)
+ print("error: binary package without source package")
+ print(" binary package:", package)
+ print(" release:", release)
if archive:
- debug(" archive:", archive)
- debug(" architecture:", architecture)
- debug(" missing source package:", source)
+ print(" archive:", archive)
+ print(" architecture:", architecture)
+ print(" missing source package:", source)
for (package, release, archive, architecture, version,
source, source_version) \
@@ -2379,15 +2367,15 @@ f"""SELECT DISTINCT source_package_status.bug_name, source_packages.name
AND sp.version <> binary_packages.source_version"""):
assert debian_support.Version(version) != debian_support.Version(source_version)
if debian_support.Version(version) <= debian_support.Version(source_version):
- debug("error: binary package is older than source package")
+ print("error: binary package is older than source package")
else:
- debug("warning: binary package is newer than source package")
- debug(" binary package: %s (%s)" % (package, version))
- debug(" source package: %s (%s)" % (source, source_version))
- debug(" release:", release)
+ print("warning: binary package is newer than source package")
+ print(" binary package: %s (%s)" % (package, version))
+ print(" source package: %s (%s)" % (source, source_version))
+ print(" release:", release)
if archive:
- debug(" archive:", archive)
- debug(" architecture:", architecture)
+ print(" archive:", archive)
+ print(" architecture:", architecture)
def test():
assert mergeLists(u'',u'') == [], mergeLists(u'', u'')
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d5b95eab9358afedae70055d2f04b8efd938fb6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d5b95eab9358afedae70055d2f04b8efd938fb6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251115/983025d8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list