Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | xpickle: re-parse the file in case of AttributeError | Emilio Pozuelo Monfort | 2023-03-28 | 1 | -6/+1 |
| | |||||
* | Add a readable hint on what happens on unpickling errors | Dominik George | 2023-03-28 | 1 | -0/+5 |
| | |||||
* | sectracker.parsers: make cvelist et al return a list of Bugs | Emilio Pozuelo Monfort | 2023-03-27 | 2 | -4/+11 |
| | |||||
* | parsers: make classes mutable | Emilio Pozuelo Monfort | 2023-03-27 | 1 | -19/+58 |
| | | | | | | | The parser is not read-only but has write support, so it makes more sense to have mutable classes so that API users can modify them as appopriate rather than going through hoops to clone objects in order to modify something. | ||||
* | sectracker.parsers: fix reporting of invalid annotations | Emilio Pozuelo Monfort | 2023-03-27 | 1 | -1/+1 |
| | |||||
* | sectracker.parsers: fix itp bug check | Emilio Pozuelo Monfort | 2023-03-27 | 1 | -1/+1 |
| | |||||
* | sectracker.analyzers: check the right struct fields | Emilio Pozuelo Monfort | 2023-03-27 | 1 | -2/+2 |
| | |||||
* | lib: add support for data/<extended>/list in the parsers | Sylvain Beucler | 2021-10-22 | 1 | -0/+16 |
| | |||||
* | sectracker.parsers: rename version to kind in package_pseudo | Emilio Pozuelo Monfort | 2020-12-04 | 1 | -6/+6 |
| | | | | | | The version is tracked in package_version, here we have a <tag> assigned to the kind variable of the PackageAnnotation, so let's call it kind to make it less confusing. | ||||
* | sectracker.parsers: fix innerdispatch callback | Emilio Pozuelo Monfort | 2020-12-04 | 1 | -1/+1 |
| | | | | The signature no longer includes a bugs list. | ||||
* | sectracker.parsers: there's no 'bug filed' urgency | Emilio Pozuelo Monfort | 2020-12-04 | 1 | -2/+1 |
| | | | | That may have been used once upon a time, but it's not used anymore. | ||||
* | sectracker.parsers: use _sortedtuple | Emilio Pozuelo Monfort | 2020-12-04 | 1 | -3/+1 |
| | |||||
* | sectracker.parsers: unconditionally import intern | Emilio Pozuelo Monfort | 2020-12-04 | 1 | -5/+1 |
| | | | | We no longer support Python 2. | ||||
* | sectracker.parsers: add function to write the file back | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -0/+60 |
| | | | | | This change and the previous ones based on work by Brian with additional fixes and adaptations by me. | ||||
* | sectracker.parsers: be explicit when building PackageAnnotations | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -6/+27 |
| | | | | | In some cases we are intentionally passing versions as kinds or kinds as versions, and making it explicit makes it less confusing. | ||||
* | sectracker.parsers: include TEMP issues in the CVE regex | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -1/+1 |
| | | | | In order to support extended CVE files. | ||||
* | sectracker.parsers: do not uniquify CVE names | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -14/+1 |
| | | | | | | | | | We need the original name (basically the year) in order to write it back later. Besides the function was taking the line number rather than a hash of the description, so it was buggy anyway. If something needs the unique name at some point, we can add it in an additional field. | ||||
* | sectracker.parsers: don't sort the xrefs | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -1/+1 |
| | | | | | Take them as they come, as our sorting is different than the one in the file. | ||||
* | sectracker.parsers: don't wrap and deref the arguments | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -4/+4 |
| | | | | We are no longer concatenating tuples. | ||||
* | sectracker.parsers: better parse annotations | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -35/+27 |
| | |||||
* | sectracker.parsers: keep the parenthesis in the description | Emilio Pozuelo Monfort | 2020-12-02 | 1 | -4/+0 |
| | | | | We need them in order to write the file back. | ||||
* | Remove checks for apt_pkg.version_compare | Emilio Pozuelo Monfort | 2020-11-10 | 1 | -8/+4 |
| | | | | | The rename happened too long ago, and VersionCompare is long gone. We assume it exists in security_db anyway. | ||||
* | sectracker: remove future imports | Emilio Pozuelo Monfort | 2020-11-10 | 2 | -4/+0 |
| | |||||
* | sectracker/repo.py: compare data to a bytes object | Emilio Pozuelo Monfort | 2020-11-10 | 1 | -1/+1 |
| | | | | Otherwise we'll run into an endless loop under Python 3. | ||||
* | sectracker/repo.py: fix calls to urllib under python3 | Emilio Pozuelo Monfort | 2020-11-10 | 1 | -3/+3 |
| | |||||
* | sectracker/repo.py: don't look for sha1 fields | Emilio Pozuelo Monfort | 2020-11-10 | 1 | -1/+0 |
| | | | | Release files no longer contain them. | ||||
* | sectracker.parsers: fix intern under py3 | Emilio Pozuelo Monfort | 2020-08-05 | 1 | -0/+5 |
| | |||||
* | sectracker.repo: use standard json module | Emilio Pozuelo Monfort | 2020-08-05 | 1 | -2/+2 |
| | |||||
* | sectracker.xpickle: open file in binary mode | Emilio Pozuelo Monfort | 2020-08-05 | 1 | -1/+1 |
| | |||||
* | sectracker.diagnostics: use isstring for py3 compatibility | Emilio Pozuelo Monfort | 2020-08-05 | 1 | -1/+3 |
| | |||||
* | Replace cPickle with pickle library | Brian May | 2020-07-29 | 1 | -1/+1 |
| | | | | cPickle isn't available in Python 3. | ||||
* | Replace file() with open() for Python 3 compatability | Brian May | 2019-03-04 | 2 | -5/+5 |
| | |||||
* | Merge branch 'bam/security-tracker-use_pythons_namedtuple' | Salvatore Bonaccorso | 2018-11-11 | 4 | -96/+3 |
|\ | |||||
| * | Use the namedtuple class supplied with Python | Brian May | 2018-08-20 | 4 | -96/+3 |
| | | |||||
* | | Replace "x.has_key(y)" with "y in x" syntax | Brian May | 2018-08-20 | 1 | -1/+1 |
|/ | |||||
* | Fix print statements for Python 3.6 compatibility | Brian May | 2018-08-06 | 2 | -2/+2 |
| | |||||
* | Replace <> with != for Python 3.6 compatibility | Brian May | 2018-07-15 | 2 | -3/+3 |
| | |||||
* | Update python exception syntax for Python 3.6 compatibility | Brian May | 2018-07-13 | 3 | -3/+3 |
| | |||||
* | Let the CVE parser know about postponed & ignored sub-states | Sebastien Delafond | 2017-08-13 | 1 | -1/+1 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54714 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | Fix spelling issue in parsers.py | Sebastien Delafond | 2017-08-04 | 1 | -2/+2 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54262 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | Fix parser for DLA/list | Sebastien Delafond | 2017-08-04 | 1 | -4/+3 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54256 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | add support for squeeze-lts (Closes: #759727 once Florian has applied this ↵ | Salvatore Bonaccorso | 2014-09-01 | 1 | -0/+17 |
| | | | | | | to soler.d.o) git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28539 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | Revert "add support for squeeze-lts (Closes: #759727 once Florian has ↵ | Salvatore Bonaccorso | 2014-09-01 | 1 | -17/+0 |
| | | | | | | | | applied this to soler.d.o)" This reverts commit 6357e7f64b5cdab2f194dc5a1ae0ff309bb625f6. git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28536 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | add support for squeeze-lts (Closes: #759727 once Florian has applied this ↵ | Holger Levsen | 2014-08-31 | 1 | -0/+17 |
| | | | | | | to soler.d.o) git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@28525 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | prepare for new CVE format | Thijs Kinkhorst | 2013-12-05 | 1 | -1/+1 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24590 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | DSA-2181-1: fix typo | Florian Weimer | 2011-03-04 | 1 | -4/+0 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@16302 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | sectracker.analyzers.bestversion(): new subroutine | Florian Weimer | 2010-05-30 | 1 | -0/+24 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14769 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | sectracker.repo.Config: add cache for map of parsed files | Florian Weimer | 2010-05-30 | 1 | -1/+9 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14768 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | sectracker.analyzers.vulnerabilities(): allow {} overrides | Florian Weimer | 2010-05-10 | 1 | -3/+7 |
| | | | | | | | | See thread "A new ambiguity" on the debian-security-tracker list: <http://lists.debian.org/debian-security-tracker/2010/05/msg00011.html> git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14666 e39458fd-73e7-0310-bf30-c45bca0a0e42 | ||||
* | sectracker.analyzers.fixedversions: renamed from vulnerabilities | Florian Weimer | 2010-05-10 | 1 | -1/+1 |
| | | | | git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14665 e39458fd-73e7-0310-bf30-c45bca0a0e42 |