Ubuntu CVE Tracker

Merge ~emitorino/ubuntu-cve-tracker:updates_to_scripts_to_support_metrics into ubuntu-cve-tracker:master

  1. Git
  2. lp:~emitorino/ubuntu-cve-tracker
  3. updates_to_scripts_to_support_metrics
  4. Merge into master
Proposed by Emilia Torino
Status: Merged
Merged at revision: 2ef5407e210b60bc47cedf945cc06f398601829d
Proposed branch: ~emitorino/ubuntu-cve-tracker:updates_to_scripts_to_support_metrics
Merge into: ubuntu-cve-tracker:master
Diff against target: 46 lines (+13/-2)
1 file modified
scripts/cve_lib.py (+13/-2)
Reviewer Review Type Date Requested Status
Paulo Flabiano Smorigo Approve
Spyros Seimenis Approve
Eduardo Barretto Approve
Review via email: mp+420516@code.launchpad.net

Commit message

-cve_lib.py:
  * support for optionally loading ignored and retired cves on load_table()
  * checking if release is in map before inspecting if pkg is in release on is_parter()
  * adding new get_all_cve_list() to get the list of active, embargoed, retired and ignored cves (get_cve_list() returns active and embargoed, get_cve_list_and_retired() returns get_cve_list() + ignored so there was none returning retired ones)

Description of the change

To support inspecting CVEs files for the purpose of the new metrics, we need to extend the current cve_lib to also laod cves from ingored and retired directories.

To post a comment you must log in.
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

lgtm

review: Approve
Revision history for this message
Spyros Seimenis (sespiros) wrote :

lgtm

review: Approve
Revision history for this message
Paulo Flabiano Smorigo (pfsmorigo) wrote :

LGTM

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
2index 1f9034e..e850011 100755
3--- a/scripts/cve_lib.py
4+++ b/scripts/cve_lib.py
5@@ -1547,6 +1547,13 @@ def get_cve_list_and_retired():
6 return (cves + rcves, uems, rcves)
7
8
9+def get_all_cve_list():
10+ cves, uems, rcves = get_cve_list_and_retired()
11+ icves = [elem for elem in os.listdir(ignored_dir)
12+ if re.match('^CVE-\d+-(\d|N)+$', elem)]
13+ return (cves + icves, uems, rcves, icves)
14+
15+
16 def contextual_priority(cveinfo, pkg=None, rel=None):
17 '''Return the priority based on release, then package, then global'''
18 if pkg:
19@@ -1988,7 +1995,7 @@ def load_all(cves, uems, rcves=[]):
20 # pkgfamily = rename linux-source-* packages to "linux", or "xen-*" to "xen"
21 # packages = list of packages to pay attention to
22 # debug = bool, display debug information
23-def load_table(cves, uems, opt=None):
24+def load_table(cves, uems, opt=None, rcves=[], icves=[]):
25 table = dict()
26 priority = dict()
27 listcves = []
28@@ -2000,6 +2007,10 @@ def load_table(cves, uems, opt=None):
29 cvedir = active_dir
30 if cve in uems:
31 cvedir = embargoed_dir
32+ elif cve in rcves:
33+ cvedir = retired_dir
34+ elif cve in icves:
35+ cvedir = ignored_dir
36 cvefile = os.path.join(cvedir, cve)
37 info = load_cve(cvefile)
38 cveinfo[cve] = info
39@@ -2128,7 +2139,7 @@ def any_supported(map, pkg, releases, cvedata):
40
41
42 def is_partner(map, pkg, rel):
43- if pkg in map[rel] and map[rel][pkg]['section'] == 'partner':
44+ if rel in map and pkg in map[rel] and map[rel][pkg]['section'] == 'partner':
45 return True
46 return False
47

Subscribers

People subscribed via source and target branches