Merge ~alexmurray/ubuntu-cve-tracker:always-add-cve-entries-for-standard-ubuntu-releases into ubuntu-cve-tracker:master

Proposed by Alex Murray
Status: Merged
Merged at revision: b9ce77bde55cfb445398411e7de0f8231a241d24
Proposed branch: ~alexmurray/ubuntu-cve-tracker:always-add-cve-entries-for-standard-ubuntu-releases
Merge into: ubuntu-cve-tracker:master
Diff against target: 46 lines (+17/-4)
1 file modified
scripts/active_edit (+17/-4)
Reviewer: Steve Beattie
Review status: Approve
Review via email: mp+425365@code.launchpad.net

Description of the change

This will add entries like:

bionic_pkg: DNE

When a package doesn't exist on an older release like bionic, but *won't* add, say, an entry like:

esm-infra/xenial: DNE

to avoid cluttering CVE files with too many empty entries.

Steve Beattie (sbeattie) wrote :

This LGTM, thanks!

review: Approve
Alex Murray (alexmurray) wrote :

Thanks Steve :)

Preview Diff

1diff --git a/scripts/active_edit b/scripts/active_edit
2index 3371340..8f65066 100755
3--- a/scripts/active_edit
4+++ b/scripts/active_edit
5@@ -153,7 +153,13 @@ def update_cve(cve, pkgname, fixed_in=None, fixed_in_release=None, fixed_in_rele
6 continue
7 state = "needs-triage"
8 if not pkg_in_rel(pkgname, release):
9- continue
10+ # package doesn't exist in this release - we want to
11+ # specify whether it exists but only for progenitor
12+ # releases, not derived ones
13+ if not cve_lib.release_progenitor(release):
14+ state = "DNE"
15+ else:
16+ continue
17 elif cve_lib.is_active_esm_release(r):
18 state = "ignored (out of standard support)"
19 elif r == 'upstream' and fixed_in is not None:
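Review bot: In the branch added under `if not pkg_in_rel(pkgname, release):` the lookups use `release`, while the sibling branches directly after it test `r` (`cve_lib.is_active_esm_release(r)` and `r == 'upstream'`). If `r` and `release` can differ inside update_cve, the DNE decision and the ESM/upstream checks are made against different values. Please use one name consistently through this if/elif chain, or add a comment stating how the two relate.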
20@@ -242,7 +248,13 @@ def create_cve(cve, pkgname, fixed_in=None, fixed_in_release=None, fixed_in_rele
21 if (rel_pat.search(line)):
22 state = "needs-triage"
23 if not pkg_in_rel(pkgname, release):
24- continue
25+ # package doesn't exist in this release - we want to
26+ # specify whether it exists but only for progenitor
27+ # releases, not derived ones
28+ if not cve_lib.release_progenitor(release):
29+ state = "DNE"
30+ else:
31+ continue
32 elif cve_lib.is_active_esm_release(release):
33 state = "ignored (out of standard support)"
34 elif release == 'upstream' and fixed_in is not None:
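Review bot: The seven lines added under `if not pkg_in_rel(pkgname, release):` in create_cve are a verbatim copy of the block added to update_cve, so any later change to the DNE rule has to be made in two places. Consider a small shared helper, and invert the test so the else can go: `if cve_lib.release_progenitor(release): continue` followed by `state = "DNE"`. The comment would also be clearer if it said that DNE is recorded only when `release_progenitor(release)` is falsy, since "specify whether it exists" does not say which state gets written.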
35@@ -252,8 +264,9 @@ def create_cve(cve, pkgname, fixed_in=None, fixed_in_release=None, fixed_in_rele
36 higher_not_affected = True
37 elif higher_not_affected:
38 state = "not-affected"
39- contents += "%s_%s: %s\n" % (release, pkgname, state)
40- added.add(release)
41+ if release not in added:
42+ contents += "%s_%s: %s\n" % (release, pkgname, state)
43+ added.add(release)
44 elif ref_pat.search(line):
45 if not re.search(r'N', cve):
46 contents += line + "\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=" + cve + "\n"
