From b0c641ac53b60527df6f300de27f28c5acde1659 Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 29 Apr 2021 16:19:23 +0200
Subject: Sort CVEs as versions

---
 lib/python/security_db.py | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

(limited to 'lib')

diff --git a/lib/python/security_db.py b/lib/python/security_db.py
index 26d1d61aca..396df949c6 100644
--- a/lib/python/security_db.py
+++ b/lib/python/security_db.py
@@ -138,14 +138,7 @@ BugsForSourcePackage_query = \
   JOIN source_packages sp ON (st.package = sp.rowid)
   WHERE sp.name = ?
   AND (bugs.name LIKE 'CVE-%' OR bugs.name LIKE 'TEMP-%')
-  ORDER BY
-    -- 'COLLATE natorder' emulation, using 0-padding (MR#76)
-    -- e.g. CVE-2016-1000393 -> CVE-2016-0001000393
-    CASE substr(bugs.name,1,3)
-      WHEN 'CVE' THEN
-        substr(bugs.name,1,9) || substr("0000000000"||substr(bugs.name, 10, 10), -10)
-      ELSE bugs.name
-    END DESC, sp.release"""
+  ORDER BY bugs.name COLLATE version DESC, sp.release"""
 # Sort order is important for the groupby operation below.
 
 def getBugsForSourcePackage(cursor, pkg):
@@ -1943,14 +1936,14 @@ class DB:
                 WHERE bugs_notes.typ = 'TODO'
                 AND bugs_notes.comment <> 'check'
                 AND bugs.name = bugs_notes.bug_name
-                ORDER BY name """)
+                ORDER BY name COLLATE version""")
         else:
             return cursor.execute(
                 """SELECT DISTINCT bugs.name, bugs.description, bugs_notes.comment
                 FROM bugs_notes, bugs
                 WHERE bugs_notes.typ = 'TODO'
                 AND bugs.name = bugs_notes.bug_name
-                ORDER BY name """)
+                ORDER BY name COLLATE version""")
 
     def getBugXrefs(self, cursor, bug):
         """Returns a generator for a list of bug names.  The listed
-- 
cgit v1.2.3