path: root/lib

Commit log (subject; author, date, files changed, lines -removed/+added; message body):
* lib: add support for data/<extended>/list in the parsers
  Sylvain Beucler, 2021-10-22, 1 file, -0/+16
* security_db: fix releasepart_to_number on non-main
  Emilio Pozuelo Monfort, 2021-06-16, 1 file, -0/+3

  For releases with a component (e.g. buster/non-free), releasepart_to_number
  was not splitting the component. This was causing bad sorting on CVE pages
  for packages in contrib or non-free.

* security_db: Create next_point_table as well on fresh DB initialization
  Salvatore Bonaccorso, 2021-05-22, 1 file, -0/+2

  8846bec76339 ("Fix CVE10k problem for CVE with more than 4 numbers")
  introduced the initialization of schema 22 and the machinery to allow
  tracker.d.o to support reading next point release information. On updates
  from already initialized databases with previous schemas this worked fine,
  but as Neil Williams reported, this fails when starting with a new instance.

  Link: https://lists.debian.org/debian-security-tracker/2021/05/msg00024.html
  Fixes: 8846bec76339 ("Fix CVE10k problem for CVE with more than 4 numbers")
  Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
* web_support: call parse_qs from urllib
  Emilio Pozuelo Monfort, 2021-04-30, 1 file, -1/+6

  The one from cgi has been removed in Python 3.8.

* security_db: replace base64.encodestring with encodebytes
  Emilio Pozuelo Monfort, 2021-04-30, 1 file, -3/+3

  It was an alias for the latter, and has finally been removed in Python 3.9.
  Likewise for decodestring.

* Sort CVEs as versions
  Sylvain Beucler, 2021-04-30, 1 file, -10/+3

* Merge branch 'beuc/security-tracker-natsort'
  Salvatore Bonaccorso, 2021-02-27, 1 file, -1/+8

  tracker_service: display CVE entries using natural sort order

  See merge request security-tracker-team/security-tracker!76
  * tracker_service: display CVE entries using natural sort order [#76]
    Sylvain Beucler, 2021-02-12, 1 file, -1/+8 (branch beuc/security-tracker-natsort)

    to avoid annoying confusions with the default incorrect sort due to e.g.
    CVE-2021-3392 considered higher than CVE-2021-20203

    Approach:
    - use 'COLLATE natorder' [1]; however, we'd have to leave the bug unfixed
      for a few years, until this feature is merged and packaged in stable
      sqlite3
      [1] https://sqlite.org/forum/forumpost/e4dc6f3331
    - sort at the Python level; AFAICS this breaks the current code global
      logic that delegates the sort to the database, so we'd need to revamp
      the Python code or introduce ad-hoc logic
    - use a size-bounded sort at the SQL level (current patch) using a
      reasonable max size (10 digits / 32-bits), until 1) is available.
      (variable-length is feasible but impacts readability and performance)
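The sorting problem described in that commit message, shown as an added example (editor's code, not the tracker's own implementation): a plain `ORDER BY name` in SQLite compares byte-wise, so CVE-2021-3392 sorts after CVE-2021-20203. The block contrasts that with the two workable options the message lists, a Python-level `(year, sequence)` key and a size-bounded sort done in SQL by zero-padding the sequence number to 10 digits, and adds the check a practitioner wants with a bounded sort: flag identifiers whose sequence number is wider than the bound, because the padded expression would silently drop their leading digits. The table name `cve`, the query, the sample identifiers and the bound constant are all assumptions made for this example.

```python
import re
import sqlite3

# Constructed sample of CVE identifiers for this example; not data taken
# from the Debian security tracker.
SAMPLE_CVES = [
    "CVE-2021-3392",
    "CVE-2021-20203",
    "CVE-2021-100",
    "CVE-2020-9999",
    "CVE-2020-10000",
    "CVE-2021-1000000",
]

# Upper bound on the sequence-number width, following the "10 digits / 32-bits"
# choice stated in the commit message (assumed value for this example).
SEQ_DIGITS = 10

CVE_RE = re.compile(r"^CVE-(\d{4})-(\d+)$")


def cve_sort_key(name):
    """Python-level natural key, (year, sequence) as integers (option 2 above)."""
    m = CVE_RE.match(name)
    if m is None:
        raise ValueError(f"not a CVE identifier: {name!r}")
    return (int(m.group(1)), int(m.group(2)))


def load_db(names):
    """Build an in-memory table (hypothetical schema) holding the identifiers."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cve (name TEXT PRIMARY KEY)")
    conn.executemany("INSERT INTO cve (name) VALUES (?)", [(n,) for n in names])
    return conn


def lexical_order(conn):
    """Plain ORDER BY name: byte-wise collation, the incorrect default sort."""
    return [row[0] for row in conn.execute("SELECT name FROM cve ORDER BY name")]


# Size-bounded natural sort done by the database (option 3 above): keep the
# fixed "CVE-YYYY" prefix as the first key, then zero-pad the sequence number
# (everything after the second dash, i.e. from character 10) to SEQ_DIGITS so
# that byte-wise order equals numeric order. substr() with a negative start
# counts from the end of the string, which yields the right-aligned padding.
NATURAL_ORDER_SQL = f"""
    SELECT name FROM cve
    ORDER BY substr(name, 1, 8),
             substr('{'0' * SEQ_DIGITS}' || substr(name, 10), -{SEQ_DIGITS}, {SEQ_DIGITS})
"""


def natural_order(conn):
    """Rows in (year, sequence) order, computed entirely by SQLite."""
    return [row[0] for row in conn.execute(NATURAL_ORDER_SQL)]


def over_bound(names, digits=SEQ_DIGITS):
    """Identifiers whose sequence number is wider than the padded sort allows.

    The SQL expression keeps only the last `digits` characters, so a longer
    sequence would silently lose its leading digits and mis-sort; report those
    so the bound can be raised before they reach the database.
    """
    bad = []
    for n in names:
        m = CVE_RE.match(n)
        if m is None:
            raise ValueError(f"not a CVE identifier: {n!r}")
        if len(m.group(2)) > digits:
            bad.append(n)
    return bad


if __name__ == "__main__":
    conn = load_db(SAMPLE_CVES)
    print("lexical:", lexical_order(conn))
    print("natural:", natural_order(conn))
    print("python :", sorted(SAMPLE_CVES, key=cve_sort_key))
    print("beyond bound:", over_bound(SAMPLE_CVES + ["CVE-2021-12345678901"]))
```

The SQL and Python orderings agree on the sample; the difference is where the work happens. Keeping the sort in the query preserves the code's existing delegation of ordering to the database, at the price of a fixed width that `over_bound` has to police.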
* Fix CVE10k problem for CVE with more than 4 numbers
  Carles Pina i Estany, 2021-02-15, 2 files, -1/+78

  It had no consequences in security-tracker: the next-oldstable-point-update.txt
  file is empty and the next-point-update.txt CVEs are not used yet for what I
  can see via this code path.

* sectracker.parsers: rename version to kind in package_pseudo
  Emilio Pozuelo Monfort, 2020-12-04, 1 file, -6/+6

  The version is tracked in package_version; here we have a <tag> assigned to
  the kind variable of the PackageAnnotation, so let's call it kind to make it
  less confusing.

* sectracker.parsers: fix innerdispatch callback
  Emilio Pozuelo Monfort, 2020-12-04, 1 file, -1/+1

  The signature no longer includes a bugs list.

* sectracker.parsers: there's no 'bug filed' urgency
  Emilio Pozuelo Monfort, 2020-12-04, 1 file, -2/+1

  That may have been used once upon a time, but it's not used anymore.

* sectracker.parsers: use _sortedtuple
  Emilio Pozuelo Monfort, 2020-12-04, 1 file, -3/+1

* sectracker.parsers: unconditionally import intern
  Emilio Pozuelo Monfort, 2020-12-04, 1 file, -5/+1

  We no longer support Python 2.

* sectracker.parsers: add function to write the file back
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -0/+60

  This change and the previous ones based on work by Brian with additional
  fixes and adaptations by me.

* sectracker.parsers: be explicit when building PackageAnnotations
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -6/+27

  In some cases we are intentionally passing versions as kinds or kinds as
  versions, and making it explicit makes it less confusing.

* sectracker.parsers: include TEMP issues in the CVE regex
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -1/+1

  In order to support extended CVE files.

* sectracker.parsers: do not uniquify CVE names
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -14/+1

  We need the original name (basically the year) in order to write it back
  later. Besides, the function was taking the line number rather than a hash
  of the description, so it was buggy anyway. If something needs the unique
  name at some point, we can add it in an additional field.

* sectracker.parsers: don't sort the xrefs
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -1/+1

  Take them as they come, as our sorting is different than the one in the file.

* sectracker.parsers: don't wrap and deref the arguments
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -4/+4

  We are no longer concatenating tuples.

* sectracker.parsers: better parse annotations
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -35/+27

* sectracker.parsers: keep the parenthesis in the description
  Emilio Pozuelo Monfort, 2020-12-02, 1 file, -4/+0

  We need them in order to write the file back.
* Remove checks for apt_pkg.version_compare
  Emilio Pozuelo Monfort, 2020-11-10, 2 files, -17/+7

  The rename happened too long ago, and VersionCompare is long gone. We assume
  it exists in security_db anyway.

* sectracker: remove future imports
  Emilio Pozuelo Monfort, 2020-11-10, 5 files, -8/+0

* sectracker/repo.py: compare data to a bytes object
  Emilio Pozuelo Monfort, 2020-11-10, 1 file, -1/+1

  Otherwise we'll run into an endless loop under Python 3.

* sectracker/repo.py: fix calls to urllib under python3
  Emilio Pozuelo Monfort, 2020-11-10, 1 file, -3/+3

* sectracker/repo.py: don't look for sha1 fields
  Emilio Pozuelo Monfort, 2020-11-10, 1 file, -1/+0

  Release files no longer contain them.

* sectracker_test/run.py: run tests under python3
  Emilio Pozuelo Monfort, 2020-11-10, 1 file, -1/+1

* test_xpickle.py: encode data before writing
  Emilio Pozuelo Monfort, 2020-11-10, 1 file, -2/+2

  The tempfile is opened in binary mode.

* test_regexpcase.py: use assertEqual, assertEquals is deprecated
  Emilio Pozuelo Monfort, 2020-11-10, 1 file, -1/+1

* bugs.py: add some checks for package notes
  Emilio Pozuelo Monfort, 2020-11-05, 1 file, -10/+48

* config.py: raise an error on invalid distributions
  Emilio Pozuelo Monfort, 2020-10-06, 1 file, -1/+1

* Reenable the backport releases
  Emilio Pozuelo Monfort, 2020-09-30, 1 file, -4/+1

* debian_support: updateFile: support .xz files
  Emilio Pozuelo Monfort, 2020-09-30, 1 file, -21/+31

  https://bugs.debian.org/931533

* secmaster.py: move to bin/
  Emilio Pozuelo Monfort, 2020-08-13, 1 file, -59/+0
* web_support: fix memory leak with Python 3
  Emilio Pozuelo Monfort, 2020-08-11, 1 file, -1/+1

  ThreadingMixIn keeps a list of all non-daemon threads since Python 3.7,
  which prevents all the resources from being freed. Daemonize them so that
  we don't keep their resources forever, eventually causing OOM.
* security_db: don't encode debsecan data
  Emilio Pozuelo Monfort, 2020-08-06, 1 file, -1/+1

  It's already a bytes object.

* security_db: remove leftover print statement
  Emilio Pozuelo Monfort, 2020-08-06, 1 file, -1/+0

* web_support: make_list requires a list argument
  Emilio Pozuelo Monfort, 2020-08-06, 1 file, -1/+1

* test_parsers.py: compare using isinstance
  Emilio Pozuelo Monfort, 2020-08-06, 1 file, -1/+1

* sectracker.parsers: fix intern under py3
  Emilio Pozuelo Monfort, 2020-08-05, 1 file, -0/+5

* sectracker.repo: use standard json module
  Emilio Pozuelo Monfort, 2020-08-05, 1 file, -2/+2

* sectracker.xpickle: open file in binary mode
  Emilio Pozuelo Monfort, 2020-08-05, 1 file, -1/+1

* security_db: don't use cmp to compare versions
  Emilio Pozuelo Monfort, 2020-08-05, 1 file, -4/+2

* sectracker.diagnostics: use isstring for py3 compatibility
  Emilio Pozuelo Monfort, 2020-08-05, 1 file, -1/+3

* Revert "secmaster.py: update security-master hostname"
  Emilio Pozuelo Monfort, 2020-08-04, 1 file, -1/+1

  This reverts commit 0b98406d0c7c6adddf23b22609a881ea3d39ebec.

* secmaster.py: update security-master hostname
  Emilio Pozuelo Monfort, 2020-08-04, 1 file, -1/+1

* security_db: add missing import
  Emilio Pozuelo Monfort, 2020-07-29, 1 file, -0/+2
* debian_support: remove PseudoEnum.__cmp__
  Emilio Pozuelo Monfort, 2020-07-29, 1 file, -2/+0

  It uses cmp, which is no longer available in python3. But that's fine, as we
  are now comparing using pure key functions. So let's remove the cmp helper
  rather than reintroducing cmp().
* Add comparison functions required for Python3
  Brian May, 2020-07-29, 1 file, -0/+25

© 2014-2024 Faster IT GmbH