blob: 24bf819c136b01439ea3c9b63060accfebe74b3b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
#!/bin/sh
####################
# Copyright (C) 2011 by Raphael Geissert <geissert@debian.org>
#
#
# This file is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This file is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
####################
set -e
OLDSTABLE=lenny
STABLE=squeeze
TESTING=wheezy
export LANG=C
[ -f doc/DSA.template ] || {
echo "error: call this script from the root of the repository" >&2
exit 1
}
[ $# -ge 3 ] || {
echo "usage: $0 [--save] DSA package vulnerability [cve(s) [bugnumber]]" >&2
exit 1
}
save=false
if [ "$1" = "--save" ]; then
save=true
shift
fi
DSAID="$1"
PACKAGE="$(printf '%s' "$2" | tr "[:upper:]" "[:lower:]")"
VULNERABILITY="$3"
CVE="$(printf '%s' "$4" | tr "[:lower:]" "[:upper:]")"
BUGNUM="$5"
CVE="$(printf '%s' "$CVE" | sed 's/[ ,;]+/ /g' | tr ' ' "\n" | sort -n | tr "\n" ' ')"
cve_spacing=
for i in $(seq 0 16); do
cve_spacing="$cve_spacing "
done
sed_cmd='s/((CVE-[0-9-]+[ ]+){4})(.+)$/\1\\n'"$cve_spacing"'\3/g;P;D'
CVE_LIST="$(printf '%s' "$CVE" | sed -r "$sed_cmd")"
case "$DSAID" in
*-*)
:
;;
*)
echo "warning: missing DSA revision number, assuming 1" >&2
DSAID="$DSAID-1"
;;
esac
if grep -wq "DSA-$DSAID" data/DSA/list; then
echo "error: DSA-$DSAID has already been used" >&2
exit 1
fi
setvar() {
local var="$1" value="$2"
if [ -z "$value" ]; then
value="$(eval 'printf "%s" "$'"$var"'"')"
fi
sed -i "s=\$$var=$value=g" "$tmpf"
}
tmpf=$(mktemp)
cat doc/DSA.template > $tmpf
name_length=$(echo -n "$DEBFULLNAME" | wc -c)
spacing=$((24-$name_length))
SPACEDDEBFULLNAME="$DEBFULLNAME"
while [ $spacing -gt 0 ]; do
SPACEDDEBFULLNAME=" $SPACEDDEBFULLNAME"
spacing=$((spacing-1))
done
DATE="$(date +"%B %d, %Y")"
date_length=$(echo -n "$DATE" | wc -c)
spacing=$((22-$date_length))
SPACEDDATE="$DATE"
while [ $spacing -gt 0 ]; do
SPACEDDATE="$SPACEDDATE "
spacing=$((spacing-1))
done
setvar DEBEMAIL
setvar DEBFULLNAME
setvar SPACEDDEBFULLNAME
setvar PACKAGE
setvar CVE "$CVE_LIST"
setvar REMLOCAL "${REMLOCAL:-remote}"
setvar DSAID
setvar BUGNUM
setvar VULNERABILITY
setvar DEBIANSPECIFIC "${DEBIANSPECIFIC:-no}"
setvar OLDSTABLE
setvar STABLE
setvar TESTING
setvar SPACEDDATE
setvar DATE
for dist in $OLDSTABLE $STABLE $TESTING UNSTABLE; do
version="$(eval 'printf "%s" "$'"$dist"_VERSION'"')"
[ -z "$version" ] || setvar "${dist}_VERSION" "$version"
done
if ! $save; then
cat $tmpf
echo
echo " ---- "
echo "Pass --save as the first parameter to save the text to DSA-$DSAID"
echo "(the data/DSA/list entry will also be added)"
rm -f "$tmpf"
exit
else
mv -i $tmpf "DSA-$DSAID" || { rm -f $tmpf; exit; }
dsa_entry=$(mktemp)
cat <<EOF > $dsa_entry
[$(date +"%d %b %Y")] DSA-$DSAID $PACKAGE - $VULNERABILITY
EOF
if [ "$CVE" ]; then
printf "\t{%s}\n" "$CVE" >> $dsa_entry
fi
for dist in $OLDSTABLE $STABLE; do
version="$(eval 'printf "%s" "$'"$dist"_VERSION'"')"
[ -z "$version" ] || \
printf "\t[%s] - %s %s\n" "$dist" "$PACKAGE" "$version" >> $dsa_entry
done
tmp_list="$(mktemp)"
cat $dsa_entry data/DSA/list > $tmp_list
cat $tmp_list > data/DSA/list
rm -f $tmp_list
echo "DSA text written to ./DSA-$DSAID"
fi
|