diff options
author | Sebastien Delafond <seb@debian.org> | 2021-02-15 09:14:47 +0000 |
---|---|---|
committer | Sebastien Delafond <seb@debian.org> | 2021-02-15 09:14:47 +0000 |
commit | fa0c18c01ead3006091e1843b1320305c5053e97 (patch) | |
tree | 9f43d0a9e013533794e0d71db82225e9471cfe35 /bin | |
parent | 8e19d160def3af33759fc46594704958fdea90de (diff) | |
parent | ee615967842797c7d9fe74f87d9e01ef05d838d7 (diff) |
Merge branch 'next-point-update' into 'master'
Next point update
See merge request security-tracker-team/security-tracker!77
Diffstat (limited to 'bin')
-rw-r--r-- | bin/tracker_data.py | 22 | ||||
-rwxr-xr-x | bin/tracker_service.py | 19 |
2 files changed, 19 insertions, 22 deletions
diff --git a/bin/tracker_data.py b/bin/tracker_data.py index f0bbb0de70..15d173ad6e 100644 --- a/bin/tracker_data.py +++ b/bin/tracker_data.py @@ -20,6 +20,7 @@ import subprocess import requests import six +from debian_support import PointUpdateParser class TrackerData(object): @@ -125,26 +126,9 @@ class TrackerData(object): with open(os.path.join(self.DATA_DIR, 'dla-needed.txt'), 'r') as f: self.dla_needed = self.parse_needed_file(f) - @classmethod - def parse_point_update_file(self, inputfile): - CVE_RE = 'CVE-[0-9]{4}-[0-9X]{4}' - result = {} - for line in inputfile: - res = re.match(CVE_RE, line) - if res: - cve = res.group(0) - result[cve] = {} - continue - elif line.startswith('\t['): - dist, _, pkg, ver = line.split() - result[cve][pkg] = ver - return result - def load_point_updates(self): - with open(os.path.join(self.DATA_DIR, 'next-oldstable-point-update.txt'), 'r') as f: - self.oldstable_point_update = self.parse_point_update_file(f) - with open(os.path.join(self.DATA_DIR, 'next-point-update.txt'), 'r') as f: - self.stable_point_update = self.parse_point_update_file(f) + self.oldstable_point_update = PointUpdateParser.parseNextOldstablePointUpdate() + self.stable_point_update = PointUpdateParser.parseNextPointUpdateStable() def iterate_packages(self): """Iterate over known packages""" diff --git a/bin/tracker_service.py b/bin/tracker_service.py index 42394f0f1d..2686bc4c24 100755 --- a/bin/tracker_service.py +++ b/bin/tracker_service.py @@ -1314,8 +1314,9 @@ Debian bug number.'''), urgency = defaultdict(lambda: defaultdict(dict)) nodsa = defaultdict(lambda: defaultdict(dict)) nodsa_reason = defaultdict(lambda: defaultdict(dict)) + next_point_update = defaultdict(lambda: defaultdict(set)) supported_releases = config.get_supported_releases() - for (pkg, issue, desc, debianbug, release, subrelease, db_version, db_fixed_version, db_status, db_urgency, db_remote, db_nodsa, db_nodsa_reason) in self.db.cursor().execute( + for (pkg, issue, desc, debianbug, release, subrelease, db_version, db_fixed_version, db_status, db_urgency, db_remote, db_nodsa, db_nodsa_reason, db_next_point_update) in self.db.cursor().execute( """SELECT sp.name, st.bug_name, (SELECT cve_desc FROM nvd_data WHERE cve_name = st.bug_name), @@ -1335,7 +1336,9 @@ Debian bug number.'''), AND nd.bug_name = st.bug_name) AS nodsa, (SELECT reason FROM package_notes_nodsa AS nd WHERE nd.package = sp.name AND nd.release = sp.release - AND nd.bug_name = st.bug_name) AS nodsa_reason + AND nd.bug_name = st.bug_name) AS nodsa_reason, + (SELECT next_point_update.release as next_point_update_release FROM next_point_update + WHERE st.bug_name=next_point_update.cve_name) AS next_point_update_release FROM source_package_status AS st, source_packages AS sp, bugs WHERE sp.rowid = st.package AND st.bug_name = bugs.name AND ( st.bug_name LIKE 'CVE-%' OR st.bug_name LIKE 'TEMP-%' ) @@ -1365,6 +1368,8 @@ Debian bug number.'''), fixed_version[pkg][issue][repository] = db_fixed_version status[pkg][issue][repository] = db_status urgency[pkg][issue][repository] = db_urgency + if db_next_point_update: + next_point_update[pkg][issue].add(db_next_point_update) if str(db_nodsa) != 'None': nodsa[pkg][issue][repository] = db_nodsa if str(db_nodsa_reason) != 'None': @@ -1422,6 +1427,12 @@ Debian bug number.'''), suite_nodsa = nodsa[pkg][issue][repository] if repository in nodsa_reason[pkg][issue]: suite_nodsa_reason = nodsa_reason[pkg][issue][repository] + if pkg in next_point_update and \ + issue in next_point_update[pkg] and \ + release in next_point_update[pkg][issue]: + suite_next_point_update = True + else: + suite_next_point_update = None for repository in repositories[pkg][issue]: for suffix in ('','-security','-lts'): subrelease=release+suffix @@ -1432,7 +1443,9 @@ Debian bug number.'''), "fixed_version" : suite_fixed_version, "urgency": suite_urgency, "nodsa": suite_nodsa, - "nodsa_reason": suite_nodsa_reason} + "nodsa_reason": suite_nodsa_reason, + "next_point_update": suite_next_point_update + } clean_dict(suites[release]) pkg_issue = { "description": description, "debianbug": debianbug, |