| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@10580 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@10565 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@8950 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@8857 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5877 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5641 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5635 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
| |
stable-security sometimes includes non-free, so we process
non-free as well.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4731 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
| |
Include amd64 data for etch and its successors.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4149 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Do not hard-code the database name. Use SQLite in non-synchronous
mode.
Makefile (all):
Run bin/update-db on a copy of the database, so that we can continue
to serve requests while the database is being updated.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3056 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
|
| |
List architectures in makefile variables.
Pick some regular Debian mirror, since package diff support has
graduated.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2513 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
| |
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2463 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
| |
Update. ("make check" should work out-of-the box and checks for
syntax errors in the data/*/list files.)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2224 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most processing is skipped if no input files have been modified.
lib/python/security_db.py (SchemaMismatch):
New exception.
(DB):
Handle schema versioning.
(DB.initSchema):
Add subrelease column to source_packages and binary_packages.
Set user_version.
Remove stray commit.
(DB._parseFile):
Return information to the caller if the file is unchanged.
(DB.readPackages):
Move deletion code to callees.
(DB._readSourcePackages, DB._readBinaryPackages):
Implement incremental updates. Add subrelease.
Need to invoke _clearVersions if any changes are made.
(DB.deleteBugs, DB.finishBugs):
Moved into readBugs.
(DB.insertBugs):
Rename ...
(DB.readBugs):
... to this one. Implement incremental updates.
Invoke _clearVersions if necessary.
(DB._clearVersions):
Add.
(DB._updateVersions):
Skip processing if _clearVersions has not been invoked.
(DB.getVersion, DB.releaseContainsPackage, DB._synthesizeReleases):
Obsolete, remove.
(test):
Update.
lib/python/bugs.py (CANFile, CVEFile):
Split into two classes, which handle the differences between the two
files.
bin/check-syntax:
Update accordingly.
bin/update-db:
New database update script. Implements incremental updates.
Makefile:
Remove references to bin/update-packages. Simplify drastically.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1994 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
as they have the same version. Synthesis of testing/stable/oldstable
has been disabled (and will be replaced with new code).
lib/python/security_db.py (mergeLists):
New helper functions to deal with architecture lists.
(DB.initSchema):
Add parsed column to inodeprints table.
Update source_packages and binary_packages table.
Split package_status into source_package_status and
binary_package_status.
(DB.updateSources, DB.updatePackages):
Remove and replace with ...
(DB.readPackages):
... new method.
(DB.availableReleases, DB._updateVersions):
Adjust to new schema.
(DB.calculateVulnerabilities):
Disable synthesis of testing etc.
Adjust to new schema.
Fix bug in large INSERT INTO statements: Need t.release = p.release
instead of t.release = n.release.
Add return to disable bug-specific rating code.
(test):
Update.
lib/python/bugs.py (PackageNote.releaseStatus):
Rename ...
(PackageNote.sourceStatus):
... and make it specific to source packages.
(BugFromDB.getDebianBugs):
New method to get a list of Debian bug numbers.
bin/update-packages (import):
Automatically reads the correct directory.
Makefile (stamps/packages-imported):
Update accordingly.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1983 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
| |
Download woody files, too.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1966 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
currently directed towards testing (but does not yet process the
secure-testing archive).
A new table is added, so "make clean" is required.
The remaining problem (besides potential bugs in the code) is how to
deal with kernel updates, IOW how to detect them and ignore them.
bin/update-vulnerabilities:
New script, updates the bugs_status table.
lib/python/bugs.py (PackageNote.affects):
Fix all kinds of errors. The code never ran before, it seems. 8-/
(PackageNote.fixedVersion):
Add.
(BugBase.hasTODO):
Add.
(BugReservedCVE, BugRejectedCVE):
Mark as not-for-us.
(FileBase.rawRecords):
Mark all un-annotated bugs after STOP: field as not-for-us.
lib/python/security_db.py (DB.initSchema):
Add table bugs_status.
(DB.finishBugs):
Run to completion even if there are conflicting CAN/CVE entries.
(DB.getVersion, calculateVulnerabilities):
New methods.
(test):
Update.
lib/python/debian_support.py (Version):
Add a type check.
Makefile:
Add stamps/calc-vulns target.
bin/update-packages:
Fix typo in comment.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1951 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After this change, you must run "make clean update-packages all" to
download the package data.
lib/python/security_db.py(DB.initSchema):
Add table inodeprints.
(DB.filePrint, DB._maybeUpdate, DB.maybeUpdateSources,
DB.maybeUpdatePackages):
Add.
(test):
Update to new file locations.
bin/update-packages:
New file. Used by the makefile.
data/packages:
New directory. Used to store the downloaded files.
Makefile:
Add "update-packages" and "clean" targets, and the necessary targets
to support them.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1947 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
|
|
"make check" runs a syntax check (no SQLite required). "make all"
updates the SQLite database, and performs cross-list consistency checks.
There is some support for loading Debian Package/Sources files, but this
information is currently not used by the checks.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1934 e39458fd-73e7-0310-bf30-c45bca0a0e42
|
