diff options
author | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-01 13:52:53 +0200 |
---|---|---|
committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-08 10:04:06 +0200 |
commit | 2644d18222cf9ca773344617788a792fe2da8c0c (patch) | |
tree | 43bc5ccd82e7908341e7d0ff2aac0a3fddffcdca /lib | |
parent | dc72a7a42bea08b10522dcaaa295e9120cbe1b3e (diff) |
Dynamically create announce queries
Based on the DSA-like files present in the config file.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/python/security_db.py | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/lib/python/security_db.py b/lib/python/security_db.py index 9c7d4afd8b..9bcbb3eaec 100644 --- a/lib/python/security_db.py +++ b/lib/python/security_db.py @@ -862,6 +862,22 @@ class DB: return sources + def genDBAdvisoryString(self, field, dtsa=False): + sources = self.getSources() + advs = [] + + for path, cls in sources.iteritems(): + name = path.split('/')[1] + + if cls == 'DSAFile': + advs.append(name) + + if cls == 'DTSAFile' and dtsa: + advs.append(name) + + advs = ["{} LIKE '{}-%'".format(field, adv) for adv in advs] + return " OR ".join(advs) + def readBugs(self, cursor, path): if self.verbose: print "readBugs:" @@ -968,9 +984,10 @@ class DB: # Copy notes from DSA/DTSA/DLA to CVE. old_source = '' + source_like = self.genDBAdvisoryString("source", dtsa=True) for source, target in list(cursor.execute( """SELECT source, target FROM bugs_xref - WHERE (source LIKE 'DTSA-%' OR source LIKE 'DSA-%' OR source LIKE 'DLA-%') + WHERE (""" + source_like + """) AND target LIKE 'CVE-%'""")): if source <> old_source: source_bug = bugs.BugFromDB(cursor, source) @@ -1849,11 +1866,12 @@ class DB: return flag def getDSAsForSourcePackage(self, cursor, package): + bugs_like = self.genDBAdvisoryString("bugs.name", dtsa=False) for row in cursor.execute( """SELECT bugs.name, bugs.description FROM bugs, package_notes as p WHERE p.bug_name = bugs.name - AND ( bugs.name LIKE 'DSA-%' OR bugs.name LIKE 'DLA-%') + AND ( """ + bugs_like + """ ) AND p.package = ? ORDER BY bugs.release_date DESC""", (package,)): yield DSAsForSourcePackage(*row) |