diff options
author | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-01 13:52:53 +0200 |
---|---|---|
committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-08 10:04:06 +0200 |
commit | 975cda8490083226200eb5514a4e82624177137c (patch) | |
tree | ef16efe49fce741ddbe98502d7b47ae0324f0698 /lib | |
parent | 71460b51ce2e60daaec625cb17243320337c1078 (diff) |
Dynamically create announce queries
Based on the DSA-like files present in the config file.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/python/security_db.py | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/lib/python/security_db.py b/lib/python/security_db.py index 9c7d4afd8b..9bcbb3eaec 100644 --- a/lib/python/security_db.py +++ b/lib/python/security_db.py @@ -862,6 +862,22 @@ class DB: return sources + def genDBAdvisoryString(self, field, dtsa=False): + sources = self.getSources() + advs = [] + + for path, cls in sources.iteritems(): + name = path.split('/')[1] + + if cls == 'DSAFile': + advs.append(name) + + if cls == 'DTSAFile' and dtsa: + advs.append(name) + + advs = ["{} LIKE '{}-%'".format(field, adv) for adv in advs] + return " OR ".join(advs) + def readBugs(self, cursor, path): if self.verbose: print "readBugs:" @@ -968,9 +984,10 @@ class DB: # Copy notes from DSA/DTSA/DLA to CVE. old_source = '' + source_like = self.genDBAdvisoryString("source", dtsa=True) for source, target in list(cursor.execute( """SELECT source, target FROM bugs_xref - WHERE (source LIKE 'DTSA-%' OR source LIKE 'DSA-%' OR source LIKE 'DLA-%') + WHERE (""" + source_like + """) AND target LIKE 'CVE-%'""")): if source <> old_source: source_bug = bugs.BugFromDB(cursor, source) @@ -1849,11 +1866,12 @@ class DB: return flag def getDSAsForSourcePackage(self, cursor, package): + bugs_like = self.genDBAdvisoryString("bugs.name", dtsa=False) for row in cursor.execute( """SELECT bugs.name, bugs.description FROM bugs, package_notes as p WHERE p.bug_name = bugs.name - AND ( bugs.name LIKE 'DSA-%' OR bugs.name LIKE 'DLA-%') + AND ( """ + bugs_like + """ ) AND p.package = ? ORDER BY bugs.release_date DESC""", (package,)): yield DSAsForSourcePackage(*row) |