diff options
author | Raphael Geissert <geissert@debian.org> | 2014-02-09 11:10:07 +0000 |
---|---|---|
committer | Raphael Geissert <geissert@debian.org> | 2014-02-09 11:10:07 +0000 |
commit | fed7575f1dac1b8f1635ab6abe4a42ac6a3f78d7 (patch) | |
tree | 31c6c6eda0ea3babef5084c06bb92ab89fccdee5 /bin/add-dsa-needed.sh | |
parent | 44784f1b0d5912e8a6f46d6258870904e8f8647d (diff) |
Script to automagically populate the dsa-needed file
if something looks wrong, fix the data/CVE/list and *then* the
dsa-needed file
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25626 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'bin/add-dsa-needed.sh')
-rwxr-xr-x | bin/add-dsa-needed.sh | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/bin/add-dsa-needed.sh b/bin/add-dsa-needed.sh new file mode 100755 index 0000000000..b60e5390d4 --- /dev/null +++ b/bin/add-dsa-needed.sh @@ -0,0 +1,75 @@ +#!/bin/sh + +#################### +# Copyright (C) 2014 by Raphael Geissert <geissert@debian.org> +# +# +# This file is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This file is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this file. If not, see <http://www.gnu.org/licenses/>. +#################### + +set -eu + +turl="https://security-tracker.debian.org/tracker/status/release" + +[ -f data/dsa-needed.txt ] || { + echo "error: run this script from the top-level dir of the reppo" >&2 + exit 1 +} + +tmpd="$(mktemp -d)" +cleanup() { + rm -r "$tmpd" +} +trap cleanup EXIT + +for release in oldstable stable; do + HOME=$tmpd w3m $turl/$release > $tmpd/$release.txt + seen_marker=false + while read line; do + if ! $seen_marker; then + case "$line" in + *Package*Bug*) + seen_marker=true + ;; + esac + else + case "$line" in + [a-z]*) + # a package + pkg="$(echo "$line" | awk -F' ' '{ print $1 }')" # | sed -rn 's/^([a-z][^ \t]+)/\1/;T;p')" + if ! grep -qE "^$pkg(/$release)?( |\$)" data/dsa-needed.txt; then + echo "$pkg" >> $tmpd/toadd-$release.txt + fi + ;; + '') + # end of the list of packages + break + ;; + esac + fi + done < $tmpd/$release.txt +done + +cat $tmpd/toadd-stable.txt $tmpd/toadd-oldstable.txt | sort | uniq -d | +while read pkg; do + printf "%s\n--\n" "$pkg" >> data/dsa-needed.txt + sed -ri "/^$pkg\$/d" $tmpd/toadd-stable.txt + sed -ri "/^$pkg\$/d" $tmpd/toadd-oldstable.txt +done + +for release in oldstable stable; do + while read pkg; do + printf "%s/%s\n--\n" "$pkg" "$release" >> data/dsa-needed.txt + done < $tmpd/toadd-$release.txt +done |