Merge ~rodrigo-zaiden/ubuntu-cve-tracker:check_cves_uris into ubuntu-cve-tracker:master
Status: | Merged |
---|---|
Merged at revision: | eecc4691546f96a328e7b2bdce2532b026a21549 |
Proposed branch: | ~rodrigo-zaiden/ubuntu-cve-tracker:check_cves_uris |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
22 lines (+3/-1) 1 file modified
scripts/check-cves (+3/-1) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Mark Esler | Approve | ||
Marc Deslauriers | Approve | ||
Review via email: mp+463152@code.launchpad.net |
Commit message
scripts/
if we set allitems.xml from MITRE by default, it is always loading
that XML no matter if we have configured another path in
.ubuntu-
as a fallback if anything is set in the configuration file.
Description of the change
The idea of this commit is to re establish the MITRE's huge XML file
https:/
as the place to fetch for CVEs if, and only if, no other argument is used.
If we are using an specific source of CVEs to be imported we don't normally
use the 'allitems.xml' file from mitre.
Having it on default for the 'uris' argument, will make us check it no
matter if we have something being imported or not, that is, we will always
be checking 'allitems.xml' and what we passed along, for example:
if 'secure_
we run:
$UCT/scripts/
we are going to have:
Loading /home/rodrigo/
Loading https:/
when actually, the 'allitems.xml' used to be the fallback place to fetch
CVEs when another location is not set. at least this was the behavior
before commit 8b896cae083748f
The current behavior is happening because the mitre's URL is the default
for 'uris' and any other argument is appended to it.
The proposal is to move that URL back for the case that the script can't
find a proper place to look for CVEs.
LGTM, ack.