Code review comment for ~eslerm/ubuntu-cve-tracker:website-fix-tag

Mark Esler (eslerm) wrote:

I can move this to cve_lib if preferred. I've been hesitant to move the kludge there.

To remove all kludges, our deb822 UCT file format should change to properly track tags. i.e., tags shouldn't exist as part of the URL string. (To do this, tags would first need to be sanitized to remove whitespace. And what to do in the case of no tags would need to be worked out.)

e.g.,

```
diff --git a/active/CVE-2023-2953 b/active/CVE-2023-2953
index 453ef36a951..3f5664ce223 100644
--- a/active/CVE-2023-2953
+++ b/active/CVE-2023-2953
@@ -20,12 +20,16 @@ CVSS:
  nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

 Patches_openldap:
- upstream: https://git.openldap.org/openldap/openldap/-/commit/ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 (master)
- upstream: https://git.openldap.org/openldap/openldap/-/commit/3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 (master)
- upstream: https://git.openldap.org/openldap/openldap/-/commit/c5c8c06a8bd52ea7b843e7d8ca961a7d1800ce5f (2_6_4)
- upstream: https://git.openldap.org/openldap/openldap/-/commit/840944e26f734bb03d925f26c4ef11a6cedcbb9c (2_6_4)
- upstream: https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce (2_5_14)
- upstream: https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b (2_5_14)
+ upstream:
+ master:
+ https://git.openldap.org/openldap/openldap/-/commit/ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1
+ https://git.openldap.org/openldap/openldap/-/commit/3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915
+ 2_6_4:
+ https://git.openldap.org/openldap/openldap/-/commit/c5c8c06a8bd52ea7b843e7d8ca961a7d1800ce5f
+ https://git.openldap.org/openldap/openldap/-/commit/840944e26f734bb03d925f26c4ef11a6cedcbb9c
+ 2_5_14:
+ https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce
+ https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b
 upstream_openldap: released (2.6.4)
 trusty_openldap: ignored (end of standard support)
 trusty/esm_openldap: released (2.4.31-1+nmu2ubuntu8.5+esm6)
```
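
Review bot: In the added `upstream:` block, a tag line such as `master:` or `2_6_4:` is told apart from the URL lines under it only by indentation depth, and both kinds of line contain a colon (`https:`), so a parser that keys on `:` would be ambiguous. Consider stating the rule explicitly in the format (for example, a tag line ends in `:` and contains no `//`), and extend the example to show how an untagged patch URL is written, since every URL in this hunk carries a tag and the no-tag case is left open.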

edit: Launchpad does not show whitespace of the above example well. Please check in an editor.
