Ubuntu CVE Tracker

Merge ubuntu-cve-tracker:cve_oval_adding_packages_filter into ubuntu-cve-tracker:master

  1. Git
  2. lp:ubuntu-cve-tracker
  3. cve_oval_adding_packages_filter
  4. Merge into master
Proposed by Leonidas S. Barbosa
Status: Merged
Merge reported by: Eduardo Barretto
Merged at revision: 15a115dc0362827e0ebd8f2d41fd437f3bcffb91
Proposed branch: ubuntu-cve-tracker:cve_oval_adding_packages_filter
Merge into: ubuntu-cve-tracker:master
Diff against target: 47 lines (+12/-2)
1 file modified
scripts/generate-oval (+12/-2)
Reviewer Review Type Date Requested Status
Eduardo Barretto Approve
Review via email: mp+401058@code.launchpad.net

Commit message

Adding --packages support for CVE oval

Description of the change

Adds a new option --packages so the CVE oval can be generate do a subset of packages given in that option.

To post a comment you must log in.
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

A few things need fixing, please check comments below.

review: Needs Fixing
ubuntu-cve-tracker:cve_oval_adding_packages_filter updated
557092f... by Leonidas S. Barbosa

Merge branch 'cve_oval_adding_packages_filter' of git+ssh://git.launchpad.net/ubuntu-cve-tracker into cve_oval_adding_packages_filter

15a115d... by Leonidas S. Barbosa

Adding pkg filter to cve-oval

Revision history for this message
Eduardo Barretto (ebarretto) wrote :

LGTM

review: Approve
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

This was merged in b063f55049
Closing this PR.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/generate-oval b/scripts/generate-oval
2index f3746a1..9cd1055 100755
3--- a/scripts/generate-oval
4+++ b/scripts/generate-oval
5@@ -142,6 +142,9 @@ def main():
6 help='if passed specifics a USN for the oval_usn generator')
7 parser.add_argument('--usn-oval-release', default=None, type=str,
8 help='specifies a release to generate the oval usn')
9+ parser.add_argument('--packages', nargs='+', action='store', default=None,
10+ help='generates oval for specific packages. Only for'+
11+ ' CVE OVAL')
12
13 args = parser.parse_args()
14 pathnames = args.pathname or default_cves_to_process
15@@ -209,8 +212,12 @@ def main():
16 files.sort()
17
18 files_count = len(files)
19+ pkg_filter = None
20+ if args.packages:
21+ pkg_filter = args.packages
22+
23 for i_file, filepath in enumerate(files):
24- cve_data = parse_cve_file(filepath, cache)
25+ cve_data = parse_cve_file(filepath, cache, pkg_filter)
26
27 # skip CVEs without packages for supported releases
28 if not cve_data['packages']:
29@@ -338,7 +345,7 @@ def ignore_source_package(source):
30 return False
31
32
33-def parse_cve_file(filepath, cache):
34+def parse_cve_file(filepath, cache, pkg_filter=None):
35 """ parse CVE data file into a dictionary """
36
37 cve_header_data = {
38@@ -419,6 +426,9 @@ def parse_cve_file(filepath, cache):
39 key = keys[0]
40 if len(keys) == 2:
41 package = keys[1]
42+ if pkg_filter:
43+ if package not in pkg_filter:
44+ continue
45 current_package = package
46 else:
47 package = current_package

Subscribers

People subscribed via source and target branches