Merge ubuntu-cve-tracker:fixup-fixup into ubuntu-cve-tracker:master
- Git
- lp:ubuntu-cve-tracker
- fixup-fixup
- Merge into master
Proposed by
Marc Deslauriers
Status: | Merged |
---|---|
Merge reported by: | Marc Deslauriers |
Merged at revision: | 5141fa1dbe24201c81069ba3b2d5fa20f5b493e5 |
Proposed branch: | ubuntu-cve-tracker:fixup-fixup |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
2340 lines (+1781/-275) 25 files modified
dev/null (+0/-233) scripts/check-syntax (+133/-18) scripts/cve_lib.py (+79/-9) scripts/test_cve_lib.py (+86/-15) scripts/testfiles/cve_lib_test.example (+71/-0) scripts/testfiles/cve_lib_test_1.in (+70/-0) scripts/testfiles/cve_lib_test_1.result (+71/-0) scripts/testfiles/cve_lib_test_10.in (+71/-0) scripts/testfiles/cve_lib_test_10.result (+70/-0) scripts/testfiles/cve_lib_test_2.in (+70/-0) scripts/testfiles/cve_lib_test_2.result (+71/-0) scripts/testfiles/cve_lib_test_3.in (+70/-0) scripts/testfiles/cve_lib_test_3.result (+71/-0) scripts/testfiles/cve_lib_test_4.in (+70/-0) scripts/testfiles/cve_lib_test_4.result (+71/-0) scripts/testfiles/cve_lib_test_5.in (+70/-0) scripts/testfiles/cve_lib_test_5.result (+71/-0) scripts/testfiles/cve_lib_test_6.in (+70/-0) scripts/testfiles/cve_lib_test_6.result (+71/-0) scripts/testfiles/cve_lib_test_7.in (+71/-0) scripts/testfiles/cve_lib_test_7.result (+71/-0) scripts/testfiles/cve_lib_test_8.in (+71/-0) scripts/testfiles/cve_lib_test_8.result (+71/-0) scripts/testfiles/cve_lib_test_9.in (+70/-0) scripts/testfiles/cve_lib_test_9.result (+71/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Rodrigo Figueiredo Zaiden | Approve | ||
Review via email: mp+460700@code.launchpad.net |
Commit message
This series of commits removes the hackish check-syntax-fixup script and adds proper --autofix and --dry-run options to the check-syntax script itself.
Description of the change
To post a comment you must log in.
Revision history for this message
Rodrigo Figueiredo Zaiden (rodrigo-zaiden) wrote : | # |
review:
Approve
Revision history for this message
Marc Deslauriers (mdeslaur) wrote : | # |
thanks for the review! :)
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/scripts/check-syntax b/scripts/check-syntax |
2 | index 3d7ee58..d253622 100755 |
3 | --- a/scripts/check-syntax |
4 | +++ b/scripts/check-syntax |
5 | @@ -242,6 +242,19 @@ parser.add_option( |
6 | default=False, |
7 | ) |
8 | parser.add_option( |
9 | + "-a", |
10 | + "--autofix", |
11 | + help="Attempt to fix problems automatically", |
12 | + action="store_true", |
13 | + default=False, |
14 | +) |
15 | +parser.add_option( |
16 | + "--dry-run", |
17 | + help="Dry run for autofix parameter", |
18 | + action="store_true", |
19 | + default=False, |
20 | +) |
21 | +parser.add_option( |
22 | "-j", |
23 | "--jobs", |
24 | type=int, |
25 | @@ -383,6 +396,103 @@ if len(cna_cves_set) > 0 and all_files: |
26 | |
27 | aliases_cache = {} |
28 | |
29 | +def fixup_entry(filename, pkg, rel): |
30 | + # If release is devel or EOL, we should add the proper status instead of removing |
31 | + if rel == cve_lib.devel_release: |
32 | + rel = "devel" |
33 | + if opt.dry_run: |
34 | + print("Dry-Run: updating %s, %s, devel to DNE" % (filename, pkg)) |
35 | + return |
36 | + cve_lib.update_state(filename, pkg, "devel", "DNE") |
37 | + elif not cve_lib.is_active_release(rel): |
38 | + if cve_lib.is_active_esm_release(rel): |
39 | + status = cve_lib.EOL_ESM_STATUS.format(state='unknown') |
40 | + else: |
41 | + status = cve_lib.EOL_STATUS.format(state='unknown') |
42 | + |
43 | + if opt.dry_run: |
44 | + print("Dry-Run: updating %s, %s, %s to %s" % (filename, pkg, rel, status)) |
45 | + return |
46 | + cve_lib.update_state(filename, pkg, rel, status) |
47 | + |
48 | + else: |
49 | + if opt.dry_run: |
50 | + print("Dry-Run: dropping %s, %s, %s" % (filename, pkg, rel)) |
51 | + return |
52 | + cve_lib.drop_pkg_release(filename, pkg, rel) |
53 | + |
54 | +def fixup_entry_state(filename, pkg, rel, state): |
55 | + if opt.dry_run: |
56 | + print("Dry-Run: updating %s, %s, %s to %s" % (filename, pkg, rel, state)) |
57 | + return |
58 | + |
59 | + cve_lib.update_state(filename, pkg, rel, state) |
60 | + |
61 | +def fixup_entry_get_status(filename, pkg, rel): |
62 | + # get status from the parent release if there is one |
63 | + status = "needs-triage" |
64 | + try: |
65 | + _, _, _, details = cve_lib.get_subproject_details(rel) |
66 | + parent = details["parent"] |
67 | + # this may be either an alias or a full name but cve_lib only |
68 | + # uses aliases |
69 | + parent = cve_lib.release_alias(parent) |
70 | + data = cve_lib.load_cve(filename) |
71 | + status = data["pkgs"][pkg][parent][0] |
72 | + note = data["pkgs"][pkg][parent][1] |
73 | + if len(note) > 0: |
74 | + status = status + " (" + note + ")" |
75 | + # if parent reached EOL then we are likely the new alive |
76 | + # release so ignore their status in that case |
77 | + if "end of life" in status or "end of standard support" in status: |
78 | + status = 'needs-triage' |
79 | + except (KeyError, ValueError, TypeError): |
80 | + pass |
81 | + |
82 | + return status |
83 | + |
84 | +def fixup_entry_missing(filename, pkg, rel): |
85 | + status = fixup_entry_get_status(filename, pkg, rel) |
86 | + |
87 | + if rel == cve_lib.devel_release: |
88 | + rel = "devel" |
89 | + |
90 | + if opt.dry_run: |
91 | + print("Dry-Run: Adding %s, %s, %s to %s" % (filename, pkg, rel, status)) |
92 | + return |
93 | + |
94 | + cve_lib.add_state(filename, pkg, rel, status) |
95 | + |
96 | +def fixup_entry_wrong(filename, pkg, rel): |
97 | + status = fixup_entry_get_status(filename, pkg, rel) |
98 | + |
99 | + if rel == cve_lib.devel_release: |
100 | + rel = "devel" |
101 | + |
102 | + if opt.dry_run: |
103 | + print("Dry-Run: updating %s, %s, %s to %s" % (filename, pkg, rel, status)) |
104 | + return |
105 | + |
106 | + cve_lib.update_state(filename, pkg, rel, status, None) |
107 | + |
108 | +def get_cve_path(cve, rel): |
109 | + |
110 | + cve = os.path.basename(cve) |
111 | + if rel in cve_lib.external_releases: |
112 | + # FIXME: Should we also be using get_external_subproject_dir here? |
113 | + cvepath = os.path.join( |
114 | + cve_lib.get_external_subproject_cve_dir(rel), cve |
115 | + ) |
116 | + else: |
117 | + # Try and find where this CVE is located |
118 | + for d in cve_lib.cve_dirs: |
119 | + cvepath = os.path.join(d, cve) |
120 | + if os.path.exists(cvepath): |
121 | + return cvepath |
122 | + # Fall back to the active directory if that didn't work? |
123 | + cvepath = os.path.join(cve_lib.active_dir, cve) |
124 | + return cvepath |
125 | + |
126 | def check_cve(cve): |
127 | if re.match(r"EMB-", cve): |
128 | cvepath = os.path.join(cve_lib.embargoed_dir, cve) |
129 | @@ -447,9 +557,6 @@ def check_cve(cve): |
130 | # Verify have required releases for each package |
131 | listed_releases = set(sorted(data["pkgs"][pkg].keys())) |
132 | all_required_releases = (set(cve_lib.all_releases + ["devel"]) - set([cve_lib.devel_release])) - set(cve_lib.eol_releases) |
133 | - # get the name of a release which is listed in the CVE so we can |
134 | - # place the generated error message on this release's line etc |
135 | - nearby_rel = list(listed_releases)[0] |
136 | aliases_releases = set() |
137 | |
138 | listed_series = set() |
139 | @@ -486,12 +593,10 @@ def check_cve(cve): |
140 | |
141 | for pkg_alias in pkgs_from_aliases: |
142 | if pkg_alias not in data["pkgs"].keys(): |
143 | - filename = srcmap["pkgs"][pkg][nearby_rel][0] |
144 | - linenum = srcmap["pkgs"][pkg][nearby_rel][1] |
145 | + filename = get_cve_path(cve, rel) |
146 | print( |
147 | - "%s: %d: %s missing release '%s'" |
148 | - # put the error on a line near where this entry should go |
149 | - % (filename, linenum, pkg_alias, rel), |
150 | + "%s: %s missing release '%s'" |
151 | + % (filename, pkg_alias, rel), |
152 | file=sys.stderr, |
153 | ) |
154 | cve_okay = False |
155 | @@ -501,15 +606,13 @@ def check_cve(cve): |
156 | if aliases: |
157 | if rel in listed_releases and pkg \ |
158 | not in pkgs_from_aliases: |
159 | - filename = srcmap["pkgs"][pkg][nearby_rel][0] |
160 | - linenum = srcmap["pkgs"][pkg][nearby_rel][1] |
161 | + filename = get_cve_path(cve, rel) |
162 | print( |
163 | - "%s: %d: package '%s' not in '%s'" |
164 | - % (filename, linenum, pkg, rel), |
165 | + "%s: package '%s' not in '%s'" |
166 | + % (filename, pkg, rel), |
167 | file=sys.stderr, |
168 | ) |
169 | missing_releases = all_required_releases - listed_releases |
170 | - nearby_rel = list(listed_releases - missing_releases)[0] |
171 | for rel in missing_releases: |
172 | # only warn on active CVEs |
173 | if is_active(cve) and \ |
174 | @@ -519,14 +622,14 @@ def check_cve(cve): |
175 | # we shouldn't add any entries to the CVE |
176 | if not cve_lib.is_cve_triage_required(rel): continue |
177 | |
178 | - filename = srcmap["pkgs"][pkg][nearby_rel][0] |
179 | - linenum = srcmap["pkgs"][pkg][nearby_rel][1] |
180 | + filename = get_cve_path(cve, rel) |
181 | print( |
182 | - "%s: %d: %s missing release '%s'" |
183 | - # put the error on a line near where this entry should go |
184 | - % (filename, linenum, pkg, rel), |
185 | + "%s: %s missing release '%s'" |
186 | + % (filename, pkg, rel), |
187 | file=sys.stderr, |
188 | ) |
189 | + if opt.autofix: |
190 | + fixup_entry_missing(filename, pkg, rel) |
191 | cve_okay = False |
192 | unknown_releases = listed_releases - set(cve_lib.all_releases + ["devel", "upstream"]) |
193 | for rel in unknown_releases: |
194 | @@ -537,6 +640,8 @@ def check_cve(cve): |
195 | % (filename, linenum, pkg, rel), |
196 | file=sys.stderr, |
197 | ) |
198 | + if opt.autofix: |
199 | + fixup_entry(filename, pkg, rel) |
200 | cve_okay = False |
201 | for release in sorted(data["pkgs"][pkg].keys()): |
202 | rel = release |
203 | @@ -590,6 +695,8 @@ def check_cve(cve): |
204 | % (filename, linenum, pkg, state, rel, fixed_state), |
205 | file=sys.stderr, |
206 | ) |
207 | + if opt.autofix: |
208 | + fixup_entry_state(filename, pkg, rel, fixed_state) |
209 | cve_okay = False |
210 | # REMOVED THIS CHECK TEMPORARILY WHILE WE WORK IN ANOTHER SOLUTION |
211 | # elif state == 'ignored': |
212 | @@ -601,6 +708,8 @@ def check_cve(cve): |
213 | # % (filename, linenum, pkg, details[1], rel, fixed_state), |
214 | # file=sys.stderr, |
215 | # ) |
216 | + # if opt.autofix: |
217 | + # fixup_entry_state(filename, pkg, rel, fixed_state) |
218 | # cve_okay = False |
219 | continue |
220 | |
221 | @@ -625,6 +734,8 @@ def check_cve(cve): |
222 | % (filename, linenum, pkg, rel), |
223 | file=sys.stderr, |
224 | ) |
225 | + if opt.autofix: |
226 | + fixup_entry_wrong(filename, pkg, rel) |
227 | cve_okay = False |
228 | continue |
229 | |
230 | @@ -667,6 +778,8 @@ def check_cve(cve): |
231 | % (filename, linenum, pkg, rel), |
232 | file=sys.stderr, |
233 | ) |
234 | + if opt.autofix: |
235 | + fixup_entry(filename, pkg, rel) |
236 | cve_okay = False |
237 | else: |
238 | if rel in source: |
239 | @@ -703,6 +816,8 @@ def check_cve(cve): |
240 | % (filename, linenum, pkg, rel), |
241 | file=sys.stderr, |
242 | ) |
243 | + if opt.autofix: |
244 | + fixup_entry(filename, pkg, rel) |
245 | cve_okay = False |
246 | elif opt.strict and not opt.newer: |
247 | # Validate the version is <= version in release |
248 | diff --git a/scripts/check-syntax-fixup b/scripts/check-syntax-fixup |
249 | deleted file mode 100755 |
250 | index 0ce195b..0000000 |
251 | --- a/scripts/check-syntax-fixup |
252 | +++ /dev/null |
253 | @@ -1,233 +0,0 @@ |
254 | -#!/usr/bin/env python3 |
255 | - |
256 | -# Author: Alex Murray <alex.murray@canonical.com> |
257 | -# Copyright (C) 2021 Canonical Ltd. |
258 | -# |
259 | -# This script is distributed under the terms and conditions of the GNU General |
260 | -# Public License, Version 2 or later. See http://www.gnu.org/copyleft/gpl.html |
261 | -# for details. |
262 | - |
263 | -# |
264 | -# This script uses the output of check-syntax to determine what needs to |
265 | -# be fixed. Typical usage is: |
266 | -# |
267 | -# ./scripts/check-syntax 2>&1 | ./scripts/check-syntax-fixup |
268 | -# |
269 | - |
270 | -import argparse |
271 | -import os |
272 | -import sys |
273 | -import cve_lib |
274 | - |
275 | - |
276 | -def insert_into_file(filename: str, linenum: int, line: str, dryrun=False, verbose=False): |
277 | - """Insert line into filename at linenum.""" |
278 | - if not dryrun: |
279 | - # file may not already exist |
280 | - contents = [] |
281 | - try: |
282 | - with open(filename, "r") as f: |
283 | - contents = f.readlines() |
284 | - except FileNotFoundError: |
285 | - pass |
286 | - if verbose: |
287 | - print("%s: %d: inserting '%s'" % (os.path.relpath(filename), linenum, line.strip())) |
288 | - # linenum is 1 based but arrays are 0-based |
289 | - contents.insert(linenum - 1, line) |
290 | - with open(cve, "w") as f: |
291 | - f.write("".join(contents)) |
292 | - else: |
293 | - print("%s: %d: would insert '%s'" % (os.path.relpath(filename), linenum, line.strip())) |
294 | - |
295 | - |
296 | -def delete_from_file(filename: str, linenum: int, dryrun=False, verbose=False): |
297 | - """Delete line at linenum from filename.""" |
298 | - if not dryrun: |
299 | - # file may not already exist |
300 | - contents = [] |
301 | - try: |
302 | - with open(filename, "r") as f: |
303 | - contents = f.readlines() |
304 | - except FileNotFoundError: |
305 | - pass |
306 | - if verbose: |
307 | - print("%s: %d: deleting... " % (os.path.relpath(filename), linenum)) |
308 | - # linenum is 1 based but arrays are 0-based |
309 | - del contents[linenum - 1] |
310 | - with open(cve, "w") as f: |
311 | - f.write("".join(contents)) |
312 | - else: |
313 | - print("%s: %d: would delete this line" % (os.path.relpath(filename), linenum)) |
314 | - |
315 | - |
316 | -def identify_subproject_line_number(filename: str, pkg: str, rel: str): |
317 | - # file may not already exist |
318 | - contents = [] |
319 | - try: |
320 | - with open(filename, "r") as f: |
321 | - contents = f.readlines() |
322 | - except FileNotFoundError: |
323 | - pass |
324 | - |
325 | - for linenum,line in enumerate(contents): |
326 | - if not line or ':' not in line or '_' not in line: |
327 | - continue |
328 | - line_rel, line_pkg = line.split(":")[0].split('_', maxsplit=1) |
329 | - if pkg == line_pkg and rel == line_rel: |
330 | - return linenum + 1 |
331 | - |
332 | - return -1 |
333 | - |
334 | -def get_pkg_rel_from_msg(msg): |
335 | - parts = msg.split(" ") |
336 | - if 'DOES exist' in msg or 'not in' in msg: |
337 | - pkg = parts[1].replace("'", "") |
338 | - rel = parts[-1].replace("'", "") |
339 | - elif 'unknown package' in msg: |
340 | - pkg = parts[2].replace("'", "") |
341 | - rel = parts[-1].replace("'", "") |
342 | - elif 'incorrect' in msg: |
343 | - pkg = parts[0].replace("'", "") |
344 | - rel = msg.split(', try')[0].split(' ')[-1].replace("'", "") |
345 | - else: |
346 | - pkg = parts[0] |
347 | - rel = parts[-1].replace("'", "") |
348 | - return pkg, rel |
349 | - |
350 | -parser = argparse.ArgumentParser("Automatically fixup issues flagged by check-syntax") |
351 | -parser.add_argument( |
352 | - "-n", |
353 | - "--dry-run", |
354 | - action="store_true", |
355 | - default=False, |
356 | - help="Don't perform any actual modifications just print what would be done.", |
357 | -) |
358 | -parser.add_argument( |
359 | - "-v", |
360 | - "--verbose", |
361 | - action="store_true", |
362 | - default=False, |
363 | - help="Print output for each operation performed.", |
364 | -) |
365 | -parser.add_argument( |
366 | - "infile", |
367 | - nargs="?", |
368 | - help="File to read input from. Defaults to stdin.", |
369 | - type=argparse.FileType("r"), |
370 | - default=sys.stdin, |
371 | -) |
372 | -args = parser.parse_args() |
373 | -if args.dry_run: |
374 | - print("DRY RUN - LIKE THE MATRIX, THIS IS JUST A SIMULATION.") |
375 | - |
376 | - |
377 | -modified = [] |
378 | - |
379 | -for line in args.infile: |
380 | - # skip warnings |
381 | - if line.startswith("WARNING:"): |
382 | - continue |
383 | - # parse out file name, line number, and message |
384 | - parts = line.split(":") |
385 | - if len(parts) != 3: |
386 | - continue |
387 | - # strip whitespace from all parts |
388 | - parts = map(lambda s: s.strip(), parts) |
389 | - cve, linenum, msg = parts |
390 | - linenum = int(linenum) |
391 | - |
392 | - # don't modify a file more than once otherwise the line numbers get out of whack |
393 | - if cve in modified: |
394 | - # print unhandled lines |
395 | - print(line, file=sys.stderr) |
396 | - continue |
397 | - |
398 | - if "missing release" in msg or 'DOES exist' in msg: |
399 | - # e.g. golang missing release 'gke/gke-1.19' |
400 | - # e.g. package 'libextractor' DOES exist in 'trusty/esm' |
401 | - pkg, rel = get_pkg_rel_from_msg(msg) |
402 | - |
403 | - # get status from the parent release if there is one |
404 | - status = "needs-triage" |
405 | - try: |
406 | - _, _, _, details = cve_lib.get_subproject_details(rel) |
407 | - parent = details["parent"] |
408 | - # this may be either an alias or a full name but cve_lib only |
409 | - # uses aliases |
410 | - parent = cve_lib.release_alias(parent) |
411 | - data = cve_lib.load_cve(cve) |
412 | - status = data["pkgs"][pkg][parent][0] |
413 | - note = data["pkgs"][pkg][parent][1] |
414 | - if len(note) > 0: |
415 | - status = status + " (" + note + ")" |
416 | - # if parent reached EOL then we are likely the new alive |
417 | - # release so ignore their status in that case |
418 | - if "end of life" in status or "end of standard support" in status: |
419 | - status = 'needs-triage' |
420 | - except (KeyError, ValueError, TypeError): |
421 | - pass |
422 | - |
423 | - if rel == cve_lib.devel_release: |
424 | - rel = "devel" |
425 | - |
426 | - fixup = "{rel}_{pkg}: {status}\n".format(rel=rel, pkg=pkg, status=status) |
427 | - |
428 | - # remove this hard-coded hack one-day... |
429 | - if rel in cve_lib.external_releases or \ |
430 | - (rel == "trusty/esm" and "DOES exist" in msg): |
431 | - cve = os.path.join( |
432 | - cve_lib.get_external_subproject_cve_dir(rel), os.path.basename(cve) |
433 | - ) |
434 | - linenum = identify_subproject_line_number(cve, pkg, rel) |
435 | - if linenum == -1: |
436 | - if 'DOES exist' in msg: |
437 | - continue |
438 | - linenum = 1 # We are inserting |
439 | - |
440 | - # Remove the 'DNE' line before adding the new one |
441 | - if 'DOES exist' in msg: |
442 | - delete_from_file(cve, linenum, args.dry_run, args.verbose) |
443 | - |
444 | - insert_into_file(cve, linenum, fixup, args.dry_run, args.verbose) |
445 | - modified.append(cve) |
446 | - |
447 | - elif "unknown package" in msg or "not in" in msg \ |
448 | - or "unknown release" in msg or "incorrect status"\ |
449 | - or "incorrect ignored detail" in msg: |
450 | - pkg, rel = get_pkg_rel_from_msg(msg) |
451 | - |
452 | - # remove this hard-coded hack one-day... |
453 | - if rel in cve_lib.external_releases or rel == "trusty/esm": |
454 | - cve = os.path.join( |
455 | - cve_lib.get_external_subproject_cve_dir(rel), os.path.basename(cve) |
456 | - ) |
457 | - linenum = identify_subproject_line_number(cve, pkg, rel) |
458 | - if linenum == -1: |
459 | - print(line, file=sys.stderr) |
460 | - continue |
461 | - |
462 | - # delete this line since |
463 | - delete_from_file(cve, linenum, args.dry_run, args.verbose) |
464 | - |
465 | - #if release is devel or EOL, we should add the proper status instead of removing |
466 | - if rel == cve_lib.devel_release: |
467 | - rel = "devel" |
468 | - fixup = "{rel}_{pkg}: {status}\n".format(rel=rel, pkg=pkg, status="DNE") |
469 | - insert_into_file(cve, linenum, fixup, args.dry_run, args.verbose) |
470 | - elif not cve_lib.is_active_release(rel): |
471 | - if 'incorrect' in msg: |
472 | - status = msg.split("try '")[1].replace("'", "") |
473 | - else: |
474 | - state = msg.split(' ')[3].replace("'", "") |
475 | - if cve_lib.is_active_esm_release(rel): |
476 | - status = cve_lib.EOL_ESM_STATUS.format(state=state) |
477 | - else: |
478 | - status = cve_lib.EOL_STATUS.format(state=state) |
479 | - |
480 | - fixup = "{rel}_{pkg}: {status}\n".format(rel=rel, pkg=pkg, status=status) |
481 | - insert_into_file(cve, linenum, fixup, args.dry_run, args.verbose) |
482 | - |
483 | - modified.append(cve) |
484 | - else: |
485 | - # print unhandled lines |
486 | - print(line, file=sys.stderr) |
487 | diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py |
488 | index 68431ea..438348a 100755 |
489 | --- a/scripts/cve_lib.py |
490 | +++ b/scripts/cve_lib.py |
491 | @@ -1687,6 +1687,15 @@ def drop_dup_release(cve, rel): |
492 | output.close() |
493 | os.rename(cve + '.new', cve) |
494 | |
495 | +def drop_pkg_release(cve, pkg, rel): |
496 | + output = codecs.open(cve + ".new", 'w', encoding="utf-8") |
497 | + with codecs.open(cve, encoding="utf-8") as inF: |
498 | + lines = inF.readlines() |
499 | + for line in lines: |
500 | + if not line.startswith('%s_%s:' % (rel, pkg)): |
501 | + output.write(line) |
502 | + output.close() |
503 | + os.rename(cve + '.new', cve) |
504 | |
505 | def clone_release(cve, pkg, oldrel, newrel): |
506 | output = codecs.open(cve + ".new", 'w', encoding="utf-8") |
507 | @@ -1701,7 +1710,7 @@ def clone_release(cve, pkg, oldrel, newrel): |
508 | os.rename(cve + '.new', cve) |
509 | |
510 | |
511 | -def update_state(cve, pkg, rel, state, details): |
512 | +def update_state(cve, pkg, rel, state, details=None): |
513 | output = codecs.open(cve + ".new", 'w', encoding="utf-8") |
514 | with codecs.open(cve, encoding="utf-8") as inF: |
515 | lines = inF.readlines() |
516 | @@ -1716,18 +1725,79 @@ def update_state(cve, pkg, rel, state, details): |
517 | os.rename(cve + '.new', cve) |
518 | |
519 | |
520 | -def add_state(cve, pkg, rel, state, details, after_rel): |
521 | +def add_state(cve, pkg, rel, state, details=None, after_rel=None): |
522 | + new_line = '%s_%s: %s' % (rel, pkg, state) |
523 | + if details: |
524 | + new_line += ' (%s)' % (details) |
525 | + new_line += '\n' |
526 | + |
527 | + # This is a new file |
528 | + if not os.path.exists(cve): |
529 | + with open(cve, "w") as f: |
530 | + f.write(new_line) |
531 | + return |
532 | + |
533 | output = codecs.open(cve + ".new", 'w', encoding="utf-8") |
534 | with codecs.open(cve, encoding="utf-8") as inF: |
535 | lines = inF.readlines() |
536 | - for line in lines: |
537 | - if line.startswith('%s_%s:' % (after_rel, pkg)): |
538 | + |
539 | + if after_rel == None: |
540 | + index = None |
541 | + if rel != 'devel': |
542 | + index = all_releases.index(rel) |
543 | + done = False |
544 | + found_pkg = False |
545 | + for line in lines: |
546 | + if done: |
547 | + output.write(line) |
548 | + continue |
549 | + if not ('_%s:' % pkg) in line: |
550 | + # If we're past the package section, and we wanted to add |
551 | + # the devel release, stick it here |
552 | + if rel == 'devel' and found_pkg == True: |
553 | + output.write(new_line) |
554 | + done = True |
555 | + output.write(line) |
556 | + continue |
557 | + |
558 | + found_pkg = True |
559 | + if rel != 'devel': |
560 | + line_rel = line.split('_')[0] |
561 | + # Whoa, we hit the devel release, stick it here |
562 | + if line_rel == "devel": |
563 | + output.write(new_line) |
564 | + output.write(line) |
565 | + done = True |
566 | + continue |
567 | + |
568 | + # Does this look like a release name? |
569 | + if line_rel not in all_releases: |
570 | + output.write(line) |
571 | + continue |
572 | + |
573 | + # See if the release is bigger than ours, if so, stick it here |
574 | + if all_releases.index(line_rel) > index: |
575 | + output.write(new_line) |
576 | + output.write(line) |
577 | + done = True |
578 | + continue |
579 | + |
580 | + # Nothing to see here, move along |
581 | output.write(line) |
582 | - line = '%s_%s: %s' % (rel, pkg, state) |
583 | - if details: |
584 | - line += ' (%s)' % (details) |
585 | - line += '\n' |
586 | - output.write(line) |
587 | + |
588 | + # If we made it here, we didn't find a place to put it, just |
589 | + # stick it at the end of the file |
590 | + if done == False: |
591 | + output.write(new_line) |
592 | + |
593 | + else: |
594 | + for line in lines: |
595 | + if line.startswith('%s_%s:' % (after_rel, pkg)): |
596 | + output.write(line) |
597 | + output.write(new_line) |
598 | + else: |
599 | + output.write(line) |
600 | + |
601 | output.close() |
602 | os.rename(cve + '.new', cve) |
603 | |
604 | diff --git a/scripts/test_cve_lib.py b/scripts/test_cve_lib.py |
605 | index db9b4b2..f44b4d1 100755 |
606 | --- a/scripts/test_cve_lib.py |
607 | +++ b/scripts/test_cve_lib.py |
608 | @@ -7,6 +7,8 @@ import pytest |
609 | import random |
610 | import sys |
611 | import cve_lib |
612 | +import shutil |
613 | +import filecmp |
614 | |
615 | def pytest_generate_tests(metafunc): |
616 | if "cvss" in metafunc.fixturenames: |
617 | @@ -28,23 +30,24 @@ def pytest_generate_tests(metafunc): |
618 | print("Failed to find %s to generate test cases..." % nvdjson, file=sys.stderr) |
619 | metafunc.parametrize("cvss", [item for _, item in cvss.items()]) |
620 | |
621 | -def test_cvss_empty(): |
622 | - with pytest.raises(ValueError): |
623 | - cve_lib.parse_cvss('') |
624 | +class TestCVSS: |
625 | + def test_cvss_empty(self): |
626 | + with pytest.raises(ValueError): |
627 | + cve_lib.parse_cvss('') |
628 | |
629 | -def test_cvss_none(): |
630 | - with pytest.raises(ValueError): |
631 | - cve_lib.parse_cvss(None) |
632 | + def test_cvss_none(self): |
633 | + with pytest.raises(ValueError): |
634 | + cve_lib.parse_cvss(None) |
635 | |
636 | -def test_cvss(cvss): |
637 | - # hack around the fact that some cvssV3 entries use the cvssV2 |
638 | - # ADJACENT_NETWORK attackVector which is wrong... |
639 | - if cvss["baseMetricV3"]["cvssV3"]["attackVector"] == "ADJACENT_NETWORK": |
640 | - cvss["baseMetricV3"]["cvssV3"]["attackVector"] = "ADJACENT" |
641 | - js = cve_lib.parse_cvss(cvss["baseMetricV3"]["cvssV3"]["vectorString"]) |
642 | - # the existing impact may contain a baseMetricV2 or others so only |
643 | - # compare CVSS3 |
644 | - assert(js["baseMetricV3"] == cvss["baseMetricV3"]) |
645 | + def test_cvss(self, cvss): |
646 | + # hack around the fact that some cvssV3 entries use the cvssV2 |
647 | + # ADJACENT_NETWORK attackVector which is wrong... |
648 | + if cvss["baseMetricV3"]["cvssV3"]["attackVector"] == "ADJACENT_NETWORK": |
649 | + cvss["baseMetricV3"]["cvssV3"]["attackVector"] = "ADJACENT" |
650 | + js = cve_lib.parse_cvss(cvss["baseMetricV3"]["cvssV3"]["vectorString"]) |
651 | + # the existing impact may contain a baseMetricV2 or others so only |
652 | + # compare CVSS3 |
653 | + assert(js["baseMetricV3"] == cvss["baseMetricV3"]) |
654 | |
655 | |
656 | class TestPackageOverrideTests: |
657 | @@ -99,6 +102,74 @@ class TestReleaseSort: |
658 | assert cve_lib.release_sort( |
659 | ["xenial", "dapper"]) == ["dapper", "xenial"] |
660 | |
661 | +class TestFileManipulation: |
662 | + |
663 | + def _prepare_files(self, tmp_path, filename): |
664 | + test_file = os.path.join(tmp_path, filename) |
665 | + test_result = 'scripts/testfiles/' + filename + '.result' |
666 | + shutil.copy('scripts/testfiles/' + filename + '.in', test_file) |
667 | + return (test_file, test_result) |
668 | + |
669 | + def test_add_state_middle(self, tmp_path): |
670 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_1') |
671 | + # Insert a release in the middle of other releases |
672 | + cve_lib.add_state(test_file, "openssl", "mantic", "needs-triage") |
673 | + assert filecmp.cmp(test_file, test_result) |
674 | + |
675 | + def test_add_state_devel(self, tmp_path): |
676 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_2') |
677 | + # Insert a missing devel release |
678 | + cve_lib.add_state(test_file, "openssl", "devel", "needs-triage") |
679 | + assert filecmp.cmp(test_file, test_result) |
680 | + |
681 | + def test_add_state_middle_last(self, tmp_path): |
682 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_3') |
683 | + # Insert a release in the middle of other releases in the last group |
684 | + cve_lib.add_state(test_file, "edk2", "jammy", "needs-triage") |
685 | + assert filecmp.cmp(test_file, test_result) |
686 | + |
687 | + def test_add_state_devel_end_of_file(self, tmp_path): |
688 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_4') |
689 | + # Insert a missing devel release in the last group |
690 | + cve_lib.add_state(test_file, "edk2", "devel", "needs-triage") |
691 | + assert filecmp.cmp(test_file, test_result) |
692 | + |
693 | + def test_add_state_with_details(self, tmp_path): |
694 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_5') |
695 | + # Insert a release in the middle of other releases with details |
696 | + cve_lib.add_state(test_file, "openssl", "mantic", "not-affected", "code not present") |
697 | + assert filecmp.cmp(test_file, test_result) |
698 | + |
699 | + def test_add_state_after_rel(self, tmp_path): |
700 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_6') |
701 | + # Insert a release after a certain other release |
702 | + cve_lib.add_state(test_file, "openssl", "mantic", "needs-triage", after_rel="jammy") |
703 | + assert filecmp.cmp(test_file, test_result) |
704 | + |
705 | + def test_update_state(self, tmp_path): |
706 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_7') |
707 | + # Update the state of a release |
708 | + cve_lib.update_state(test_file, "openssl", "mantic", "not-affected") |
709 | + assert filecmp.cmp(test_file, test_result) |
710 | + |
711 | + def test_update_state_with_details(self, tmp_path): |
712 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_8') |
713 | + # Update the state of a release with some details |
714 | + cve_lib.update_state(test_file, "openssl", "mantic", "not-affected", "code not present") |
715 | + assert filecmp.cmp(test_file, test_result) |
716 | + |
717 | + def test_clone_release(self, tmp_path): |
718 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_9') |
719 | + # Clone a release into another (ordering is weird here, what uses this?) |
720 | + cve_lib.clone_release(test_file, "openssl", "mantic", "jammy") |
721 | + assert filecmp.cmp(test_file, test_result) |
722 | + |
723 | + def test_drop_pkg_release(self, tmp_path): |
724 | + test_file, test_result = self._prepare_files(tmp_path, 'cve_lib_test_10') |
725 | + # Drop a release |
726 | + cve_lib.drop_pkg_release(test_file, "openssl", "mantic") |
727 | + assert filecmp.cmp(test_file, test_result) |
728 | + |
729 | class TestReleaseDevel: |
730 | def test_release_devel_direct(self): |
731 | # ensure that there is no more than one ubuntu release marked as |
732 | diff --git a/scripts/testfiles/cve_lib_test.example b/scripts/testfiles/cve_lib_test.example |
733 | new file mode 100644 |
734 | index 0000000..2dad463 |
735 | --- /dev/null |
736 | +++ b/scripts/testfiles/cve_lib_test.example |
737 | @@ -0,0 +1,71 @@ |
738 | +Candidate: CVE-2024-TEST |
739 | +PublicDate: 2024-02-16 |
740 | +References: |
741 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
742 | +Description: |
743 | + Some flaw description |
744 | +Ubuntu-Description: |
745 | +Notes: |
746 | +Mitigation: |
747 | +Bugs: |
748 | +Priority: medium |
749 | +Discovered-by: |
750 | +Assigned-to: |
751 | +CVSS: |
752 | + |
753 | +Patches_openssl: |
754 | +upstream_openssl: needs-triage |
755 | +trusty_openssl: ignored (end of standard support) |
756 | +trusty/esm_openssl: needs-triage |
757 | +xenial_openssl: ignored (end of standard support) |
758 | +esm-infra/xenial_openssl: needs-triage |
759 | +fips-updates/xenial_openssl: needs-triage |
760 | +fips/xenial_openssl: needs-triage |
761 | +bionic_openssl: ignored (end of standard support) |
762 | +esm-infra/bionic_openssl: needs-triage |
763 | +fips-updates/bionic_openssl: needs-triage |
764 | +fips/bionic_openssl: needs-triage |
765 | +focal_openssl: needs-triage |
766 | +fips-updates/focal_openssl: needs-triage |
767 | +fips/focal_openssl: needs-triage |
768 | +jammy_openssl: needs-triage |
769 | +mantic_openssl: needs-triage |
770 | +devel_openssl: needs-triage |
771 | + |
772 | +Patches_openssl1.0: |
773 | +upstream_openssl1.0: needs-triage |
774 | +trusty_openssl1.0: DNE |
775 | +xenial_openssl1.0: DNE |
776 | +bionic_openssl1.0: ignored (end of standard support) |
777 | +esm-infra/bionic_openssl1.0: needs-triage |
778 | +focal_openssl1.0: DNE |
779 | +jammy_openssl1.0: DNE |
780 | +mantic_openssl1.0: DNE |
781 | +devel_openssl1.0: DNE |
782 | + |
783 | +Patches_nodejs: |
784 | +upstream_nodejs: needs-triage |
785 | +trusty_nodejs: ignored (end of standard support) |
786 | +trusty/esm_nodejs: not-affected (uses system openssl) |
787 | +xenial_nodejs: not-affected (uses system openssl) |
788 | +esm-apps/xenial_nodejs: needs-triage |
789 | +bionic_nodejs: not-affected (uses system openssl1.0) |
790 | +esm-apps/bionic_nodejs: needs-triage |
791 | +focal_nodejs: not-affected (uses system openssl) |
792 | +esm-apps/focal_nodejs: needs-triage |
793 | +jammy_nodejs: needed |
794 | +esm-apps/jammy_nodejs: needs-triage |
795 | +mantic_nodejs: not-affected (uses system openssl) |
796 | +devel_nodejs: not-affected (uses system openssl) |
797 | + |
798 | +Patches_edk2: |
799 | +upstream_edk2: needs-triage |
800 | +trusty_edk2: ignored (end of standard support) |
801 | +xenial_edk2: ignored (end of standard support) |
802 | +esm-apps/xenial_edk2: needs-triage |
803 | +bionic_edk2: ignored (end of standard support) |
804 | +esm-apps/bionic_edk2: needs-triage |
805 | +focal_edk2: needs-triage |
806 | +jammy_edk2: needs-triage |
807 | +mantic_edk2: needs-triage |
808 | +devel_edk2: needs-triage |
809 | diff --git a/scripts/testfiles/cve_lib_test_1.in b/scripts/testfiles/cve_lib_test_1.in |
810 | new file mode 100644 |
811 | index 0000000..aa830d9 |
812 | --- /dev/null |
813 | +++ b/scripts/testfiles/cve_lib_test_1.in |
814 | @@ -0,0 +1,70 @@ |
815 | +Candidate: CVE-2024-TEST |
816 | +PublicDate: 2024-02-16 |
817 | +References: |
818 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
819 | +Description: |
820 | + Some flaw description |
821 | +Ubuntu-Description: |
822 | +Notes: |
823 | +Mitigation: |
824 | +Bugs: |
825 | +Priority: medium |
826 | +Discovered-by: |
827 | +Assigned-to: |
828 | +CVSS: |
829 | + |
830 | +Patches_openssl: |
831 | +upstream_openssl: needs-triage |
832 | +trusty_openssl: ignored (end of standard support) |
833 | +trusty/esm_openssl: needs-triage |
834 | +xenial_openssl: ignored (end of standard support) |
835 | +esm-infra/xenial_openssl: needs-triage |
836 | +fips-updates/xenial_openssl: needs-triage |
837 | +fips/xenial_openssl: needs-triage |
838 | +bionic_openssl: ignored (end of standard support) |
839 | +esm-infra/bionic_openssl: needs-triage |
840 | +fips-updates/bionic_openssl: needs-triage |
841 | +fips/bionic_openssl: needs-triage |
842 | +focal_openssl: needs-triage |
843 | +fips-updates/focal_openssl: needs-triage |
844 | +fips/focal_openssl: needs-triage |
845 | +jammy_openssl: needs-triage |
846 | +devel_openssl: needs-triage |
847 | + |
848 | +Patches_openssl1.0: |
849 | +upstream_openssl1.0: needs-triage |
850 | +trusty_openssl1.0: DNE |
851 | +xenial_openssl1.0: DNE |
852 | +bionic_openssl1.0: ignored (end of standard support) |
853 | +esm-infra/bionic_openssl1.0: needs-triage |
854 | +focal_openssl1.0: DNE |
855 | +jammy_openssl1.0: DNE |
856 | +mantic_openssl1.0: DNE |
857 | +devel_openssl1.0: DNE |
858 | + |
859 | +Patches_nodejs: |
860 | +upstream_nodejs: needs-triage |
861 | +trusty_nodejs: ignored (end of standard support) |
862 | +trusty/esm_nodejs: not-affected (uses system openssl) |
863 | +xenial_nodejs: not-affected (uses system openssl) |
864 | +esm-apps/xenial_nodejs: needs-triage |
865 | +bionic_nodejs: not-affected (uses system openssl1.0) |
866 | +esm-apps/bionic_nodejs: needs-triage |
867 | +focal_nodejs: not-affected (uses system openssl) |
868 | +esm-apps/focal_nodejs: needs-triage |
869 | +jammy_nodejs: needed |
870 | +esm-apps/jammy_nodejs: needs-triage |
871 | +mantic_nodejs: not-affected (uses system openssl) |
872 | +devel_nodejs: not-affected (uses system openssl) |
873 | + |
874 | +Patches_edk2: |
875 | +upstream_edk2: needs-triage |
876 | +trusty_edk2: ignored (end of standard support) |
877 | +xenial_edk2: ignored (end of standard support) |
878 | +esm-apps/xenial_edk2: needs-triage |
879 | +bionic_edk2: ignored (end of standard support) |
880 | +esm-apps/bionic_edk2: needs-triage |
881 | +focal_edk2: needs-triage |
882 | +jammy_edk2: needs-triage |
883 | +mantic_edk2: needs-triage |
884 | +devel_edk2: needs-triage |
885 | diff --git a/scripts/testfiles/cve_lib_test_1.result b/scripts/testfiles/cve_lib_test_1.result |
886 | new file mode 100644 |
887 | index 0000000..2dad463 |
888 | --- /dev/null |
889 | +++ b/scripts/testfiles/cve_lib_test_1.result |
890 | @@ -0,0 +1,71 @@ |
891 | +Candidate: CVE-2024-TEST |
892 | +PublicDate: 2024-02-16 |
893 | +References: |
894 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
895 | +Description: |
896 | + Some flaw description |
897 | +Ubuntu-Description: |
898 | +Notes: |
899 | +Mitigation: |
900 | +Bugs: |
901 | +Priority: medium |
902 | +Discovered-by: |
903 | +Assigned-to: |
904 | +CVSS: |
905 | + |
906 | +Patches_openssl: |
907 | +upstream_openssl: needs-triage |
908 | +trusty_openssl: ignored (end of standard support) |
909 | +trusty/esm_openssl: needs-triage |
910 | +xenial_openssl: ignored (end of standard support) |
911 | +esm-infra/xenial_openssl: needs-triage |
912 | +fips-updates/xenial_openssl: needs-triage |
913 | +fips/xenial_openssl: needs-triage |
914 | +bionic_openssl: ignored (end of standard support) |
915 | +esm-infra/bionic_openssl: needs-triage |
916 | +fips-updates/bionic_openssl: needs-triage |
917 | +fips/bionic_openssl: needs-triage |
918 | +focal_openssl: needs-triage |
919 | +fips-updates/focal_openssl: needs-triage |
920 | +fips/focal_openssl: needs-triage |
921 | +jammy_openssl: needs-triage |
922 | +mantic_openssl: needs-triage |
923 | +devel_openssl: needs-triage |
924 | + |
925 | +Patches_openssl1.0: |
926 | +upstream_openssl1.0: needs-triage |
927 | +trusty_openssl1.0: DNE |
928 | +xenial_openssl1.0: DNE |
929 | +bionic_openssl1.0: ignored (end of standard support) |
930 | +esm-infra/bionic_openssl1.0: needs-triage |
931 | +focal_openssl1.0: DNE |
932 | +jammy_openssl1.0: DNE |
933 | +mantic_openssl1.0: DNE |
934 | +devel_openssl1.0: DNE |
935 | + |
936 | +Patches_nodejs: |
937 | +upstream_nodejs: needs-triage |
938 | +trusty_nodejs: ignored (end of standard support) |
939 | +trusty/esm_nodejs: not-affected (uses system openssl) |
940 | +xenial_nodejs: not-affected (uses system openssl) |
941 | +esm-apps/xenial_nodejs: needs-triage |
942 | +bionic_nodejs: not-affected (uses system openssl1.0) |
943 | +esm-apps/bionic_nodejs: needs-triage |
944 | +focal_nodejs: not-affected (uses system openssl) |
945 | +esm-apps/focal_nodejs: needs-triage |
946 | +jammy_nodejs: needed |
947 | +esm-apps/jammy_nodejs: needs-triage |
948 | +mantic_nodejs: not-affected (uses system openssl) |
949 | +devel_nodejs: not-affected (uses system openssl) |
950 | + |
951 | +Patches_edk2: |
952 | +upstream_edk2: needs-triage |
953 | +trusty_edk2: ignored (end of standard support) |
954 | +xenial_edk2: ignored (end of standard support) |
955 | +esm-apps/xenial_edk2: needs-triage |
956 | +bionic_edk2: ignored (end of standard support) |
957 | +esm-apps/bionic_edk2: needs-triage |
958 | +focal_edk2: needs-triage |
959 | +jammy_edk2: needs-triage |
960 | +mantic_edk2: needs-triage |
961 | +devel_edk2: needs-triage |
962 | diff --git a/scripts/testfiles/cve_lib_test_10.in b/scripts/testfiles/cve_lib_test_10.in |
963 | new file mode 100644 |
964 | index 0000000..2dad463 |
965 | --- /dev/null |
966 | +++ b/scripts/testfiles/cve_lib_test_10.in |
967 | @@ -0,0 +1,71 @@ |
968 | +Candidate: CVE-2024-TEST |
969 | +PublicDate: 2024-02-16 |
970 | +References: |
971 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
972 | +Description: |
973 | + Some flaw description |
974 | +Ubuntu-Description: |
975 | +Notes: |
976 | +Mitigation: |
977 | +Bugs: |
978 | +Priority: medium |
979 | +Discovered-by: |
980 | +Assigned-to: |
981 | +CVSS: |
982 | + |
983 | +Patches_openssl: |
984 | +upstream_openssl: needs-triage |
985 | +trusty_openssl: ignored (end of standard support) |
986 | +trusty/esm_openssl: needs-triage |
987 | +xenial_openssl: ignored (end of standard support) |
988 | +esm-infra/xenial_openssl: needs-triage |
989 | +fips-updates/xenial_openssl: needs-triage |
990 | +fips/xenial_openssl: needs-triage |
991 | +bionic_openssl: ignored (end of standard support) |
992 | +esm-infra/bionic_openssl: needs-triage |
993 | +fips-updates/bionic_openssl: needs-triage |
994 | +fips/bionic_openssl: needs-triage |
995 | +focal_openssl: needs-triage |
996 | +fips-updates/focal_openssl: needs-triage |
997 | +fips/focal_openssl: needs-triage |
998 | +jammy_openssl: needs-triage |
999 | +mantic_openssl: needs-triage |
1000 | +devel_openssl: needs-triage |
1001 | + |
1002 | +Patches_openssl1.0: |
1003 | +upstream_openssl1.0: needs-triage |
1004 | +trusty_openssl1.0: DNE |
1005 | +xenial_openssl1.0: DNE |
1006 | +bionic_openssl1.0: ignored (end of standard support) |
1007 | +esm-infra/bionic_openssl1.0: needs-triage |
1008 | +focal_openssl1.0: DNE |
1009 | +jammy_openssl1.0: DNE |
1010 | +mantic_openssl1.0: DNE |
1011 | +devel_openssl1.0: DNE |
1012 | + |
1013 | +Patches_nodejs: |
1014 | +upstream_nodejs: needs-triage |
1015 | +trusty_nodejs: ignored (end of standard support) |
1016 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1017 | +xenial_nodejs: not-affected (uses system openssl) |
1018 | +esm-apps/xenial_nodejs: needs-triage |
1019 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1020 | +esm-apps/bionic_nodejs: needs-triage |
1021 | +focal_nodejs: not-affected (uses system openssl) |
1022 | +esm-apps/focal_nodejs: needs-triage |
1023 | +jammy_nodejs: needed |
1024 | +esm-apps/jammy_nodejs: needs-triage |
1025 | +mantic_nodejs: not-affected (uses system openssl) |
1026 | +devel_nodejs: not-affected (uses system openssl) |
1027 | + |
1028 | +Patches_edk2: |
1029 | +upstream_edk2: needs-triage |
1030 | +trusty_edk2: ignored (end of standard support) |
1031 | +xenial_edk2: ignored (end of standard support) |
1032 | +esm-apps/xenial_edk2: needs-triage |
1033 | +bionic_edk2: ignored (end of standard support) |
1034 | +esm-apps/bionic_edk2: needs-triage |
1035 | +focal_edk2: needs-triage |
1036 | +jammy_edk2: needs-triage |
1037 | +mantic_edk2: needs-triage |
1038 | +devel_edk2: needs-triage |
1039 | diff --git a/scripts/testfiles/cve_lib_test_10.result b/scripts/testfiles/cve_lib_test_10.result |
1040 | new file mode 100644 |
1041 | index 0000000..aa830d9 |
1042 | --- /dev/null |
1043 | +++ b/scripts/testfiles/cve_lib_test_10.result |
1044 | @@ -0,0 +1,70 @@ |
1045 | +Candidate: CVE-2024-TEST |
1046 | +PublicDate: 2024-02-16 |
1047 | +References: |
1048 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1049 | +Description: |
1050 | + Some flaw description |
1051 | +Ubuntu-Description: |
1052 | +Notes: |
1053 | +Mitigation: |
1054 | +Bugs: |
1055 | +Priority: medium |
1056 | +Discovered-by: |
1057 | +Assigned-to: |
1058 | +CVSS: |
1059 | + |
1060 | +Patches_openssl: |
1061 | +upstream_openssl: needs-triage |
1062 | +trusty_openssl: ignored (end of standard support) |
1063 | +trusty/esm_openssl: needs-triage |
1064 | +xenial_openssl: ignored (end of standard support) |
1065 | +esm-infra/xenial_openssl: needs-triage |
1066 | +fips-updates/xenial_openssl: needs-triage |
1067 | +fips/xenial_openssl: needs-triage |
1068 | +bionic_openssl: ignored (end of standard support) |
1069 | +esm-infra/bionic_openssl: needs-triage |
1070 | +fips-updates/bionic_openssl: needs-triage |
1071 | +fips/bionic_openssl: needs-triage |
1072 | +focal_openssl: needs-triage |
1073 | +fips-updates/focal_openssl: needs-triage |
1074 | +fips/focal_openssl: needs-triage |
1075 | +jammy_openssl: needs-triage |
1076 | +devel_openssl: needs-triage |
1077 | + |
1078 | +Patches_openssl1.0: |
1079 | +upstream_openssl1.0: needs-triage |
1080 | +trusty_openssl1.0: DNE |
1081 | +xenial_openssl1.0: DNE |
1082 | +bionic_openssl1.0: ignored (end of standard support) |
1083 | +esm-infra/bionic_openssl1.0: needs-triage |
1084 | +focal_openssl1.0: DNE |
1085 | +jammy_openssl1.0: DNE |
1086 | +mantic_openssl1.0: DNE |
1087 | +devel_openssl1.0: DNE |
1088 | + |
1089 | +Patches_nodejs: |
1090 | +upstream_nodejs: needs-triage |
1091 | +trusty_nodejs: ignored (end of standard support) |
1092 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1093 | +xenial_nodejs: not-affected (uses system openssl) |
1094 | +esm-apps/xenial_nodejs: needs-triage |
1095 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1096 | +esm-apps/bionic_nodejs: needs-triage |
1097 | +focal_nodejs: not-affected (uses system openssl) |
1098 | +esm-apps/focal_nodejs: needs-triage |
1099 | +jammy_nodejs: needed |
1100 | +esm-apps/jammy_nodejs: needs-triage |
1101 | +mantic_nodejs: not-affected (uses system openssl) |
1102 | +devel_nodejs: not-affected (uses system openssl) |
1103 | + |
1104 | +Patches_edk2: |
1105 | +upstream_edk2: needs-triage |
1106 | +trusty_edk2: ignored (end of standard support) |
1107 | +xenial_edk2: ignored (end of standard support) |
1108 | +esm-apps/xenial_edk2: needs-triage |
1109 | +bionic_edk2: ignored (end of standard support) |
1110 | +esm-apps/bionic_edk2: needs-triage |
1111 | +focal_edk2: needs-triage |
1112 | +jammy_edk2: needs-triage |
1113 | +mantic_edk2: needs-triage |
1114 | +devel_edk2: needs-triage |
1115 | diff --git a/scripts/testfiles/cve_lib_test_2.in b/scripts/testfiles/cve_lib_test_2.in |
1116 | new file mode 100644 |
1117 | index 0000000..95cda1b |
1118 | --- /dev/null |
1119 | +++ b/scripts/testfiles/cve_lib_test_2.in |
1120 | @@ -0,0 +1,70 @@ |
1121 | +Candidate: CVE-2024-TEST |
1122 | +PublicDate: 2024-02-16 |
1123 | +References: |
1124 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1125 | +Description: |
1126 | + Some flaw description |
1127 | +Ubuntu-Description: |
1128 | +Notes: |
1129 | +Mitigation: |
1130 | +Bugs: |
1131 | +Priority: medium |
1132 | +Discovered-by: |
1133 | +Assigned-to: |
1134 | +CVSS: |
1135 | + |
1136 | +Patches_openssl: |
1137 | +upstream_openssl: needs-triage |
1138 | +trusty_openssl: ignored (end of standard support) |
1139 | +trusty/esm_openssl: needs-triage |
1140 | +xenial_openssl: ignored (end of standard support) |
1141 | +esm-infra/xenial_openssl: needs-triage |
1142 | +fips-updates/xenial_openssl: needs-triage |
1143 | +fips/xenial_openssl: needs-triage |
1144 | +bionic_openssl: ignored (end of standard support) |
1145 | +esm-infra/bionic_openssl: needs-triage |
1146 | +fips-updates/bionic_openssl: needs-triage |
1147 | +fips/bionic_openssl: needs-triage |
1148 | +focal_openssl: needs-triage |
1149 | +fips-updates/focal_openssl: needs-triage |
1150 | +fips/focal_openssl: needs-triage |
1151 | +jammy_openssl: needs-triage |
1152 | +mantic_openssl: needs-triage |
1153 | + |
1154 | +Patches_openssl1.0: |
1155 | +upstream_openssl1.0: needs-triage |
1156 | +trusty_openssl1.0: DNE |
1157 | +xenial_openssl1.0: DNE |
1158 | +bionic_openssl1.0: ignored (end of standard support) |
1159 | +esm-infra/bionic_openssl1.0: needs-triage |
1160 | +focal_openssl1.0: DNE |
1161 | +jammy_openssl1.0: DNE |
1162 | +mantic_openssl1.0: DNE |
1163 | +devel_openssl1.0: DNE |
1164 | + |
1165 | +Patches_nodejs: |
1166 | +upstream_nodejs: needs-triage |
1167 | +trusty_nodejs: ignored (end of standard support) |
1168 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1169 | +xenial_nodejs: not-affected (uses system openssl) |
1170 | +esm-apps/xenial_nodejs: needs-triage |
1171 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1172 | +esm-apps/bionic_nodejs: needs-triage |
1173 | +focal_nodejs: not-affected (uses system openssl) |
1174 | +esm-apps/focal_nodejs: needs-triage |
1175 | +jammy_nodejs: needed |
1176 | +esm-apps/jammy_nodejs: needs-triage |
1177 | +mantic_nodejs: not-affected (uses system openssl) |
1178 | +devel_nodejs: not-affected (uses system openssl) |
1179 | + |
1180 | +Patches_edk2: |
1181 | +upstream_edk2: needs-triage |
1182 | +trusty_edk2: ignored (end of standard support) |
1183 | +xenial_edk2: ignored (end of standard support) |
1184 | +esm-apps/xenial_edk2: needs-triage |
1185 | +bionic_edk2: ignored (end of standard support) |
1186 | +esm-apps/bionic_edk2: needs-triage |
1187 | +focal_edk2: needs-triage |
1188 | +jammy_edk2: needs-triage |
1189 | +mantic_edk2: needs-triage |
1190 | +devel_edk2: needs-triage |
1191 | diff --git a/scripts/testfiles/cve_lib_test_2.result b/scripts/testfiles/cve_lib_test_2.result |
1192 | new file mode 100644 |
1193 | index 0000000..2dad463 |
1194 | --- /dev/null |
1195 | +++ b/scripts/testfiles/cve_lib_test_2.result |
1196 | @@ -0,0 +1,71 @@ |
1197 | +Candidate: CVE-2024-TEST |
1198 | +PublicDate: 2024-02-16 |
1199 | +References: |
1200 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1201 | +Description: |
1202 | + Some flaw description |
1203 | +Ubuntu-Description: |
1204 | +Notes: |
1205 | +Mitigation: |
1206 | +Bugs: |
1207 | +Priority: medium |
1208 | +Discovered-by: |
1209 | +Assigned-to: |
1210 | +CVSS: |
1211 | + |
1212 | +Patches_openssl: |
1213 | +upstream_openssl: needs-triage |
1214 | +trusty_openssl: ignored (end of standard support) |
1215 | +trusty/esm_openssl: needs-triage |
1216 | +xenial_openssl: ignored (end of standard support) |
1217 | +esm-infra/xenial_openssl: needs-triage |
1218 | +fips-updates/xenial_openssl: needs-triage |
1219 | +fips/xenial_openssl: needs-triage |
1220 | +bionic_openssl: ignored (end of standard support) |
1221 | +esm-infra/bionic_openssl: needs-triage |
1222 | +fips-updates/bionic_openssl: needs-triage |
1223 | +fips/bionic_openssl: needs-triage |
1224 | +focal_openssl: needs-triage |
1225 | +fips-updates/focal_openssl: needs-triage |
1226 | +fips/focal_openssl: needs-triage |
1227 | +jammy_openssl: needs-triage |
1228 | +mantic_openssl: needs-triage |
1229 | +devel_openssl: needs-triage |
1230 | + |
1231 | +Patches_openssl1.0: |
1232 | +upstream_openssl1.0: needs-triage |
1233 | +trusty_openssl1.0: DNE |
1234 | +xenial_openssl1.0: DNE |
1235 | +bionic_openssl1.0: ignored (end of standard support) |
1236 | +esm-infra/bionic_openssl1.0: needs-triage |
1237 | +focal_openssl1.0: DNE |
1238 | +jammy_openssl1.0: DNE |
1239 | +mantic_openssl1.0: DNE |
1240 | +devel_openssl1.0: DNE |
1241 | + |
1242 | +Patches_nodejs: |
1243 | +upstream_nodejs: needs-triage |
1244 | +trusty_nodejs: ignored (end of standard support) |
1245 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1246 | +xenial_nodejs: not-affected (uses system openssl) |
1247 | +esm-apps/xenial_nodejs: needs-triage |
1248 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1249 | +esm-apps/bionic_nodejs: needs-triage |
1250 | +focal_nodejs: not-affected (uses system openssl) |
1251 | +esm-apps/focal_nodejs: needs-triage |
1252 | +jammy_nodejs: needed |
1253 | +esm-apps/jammy_nodejs: needs-triage |
1254 | +mantic_nodejs: not-affected (uses system openssl) |
1255 | +devel_nodejs: not-affected (uses system openssl) |
1256 | + |
1257 | +Patches_edk2: |
1258 | +upstream_edk2: needs-triage |
1259 | +trusty_edk2: ignored (end of standard support) |
1260 | +xenial_edk2: ignored (end of standard support) |
1261 | +esm-apps/xenial_edk2: needs-triage |
1262 | +bionic_edk2: ignored (end of standard support) |
1263 | +esm-apps/bionic_edk2: needs-triage |
1264 | +focal_edk2: needs-triage |
1265 | +jammy_edk2: needs-triage |
1266 | +mantic_edk2: needs-triage |
1267 | +devel_edk2: needs-triage |
1268 | diff --git a/scripts/testfiles/cve_lib_test_3.in b/scripts/testfiles/cve_lib_test_3.in |
1269 | new file mode 100644 |
1270 | index 0000000..d2e0b69 |
1271 | --- /dev/null |
1272 | +++ b/scripts/testfiles/cve_lib_test_3.in |
1273 | @@ -0,0 +1,70 @@ |
1274 | +Candidate: CVE-2024-TEST |
1275 | +PublicDate: 2024-02-16 |
1276 | +References: |
1277 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1278 | +Description: |
1279 | + Some flaw description |
1280 | +Ubuntu-Description: |
1281 | +Notes: |
1282 | +Mitigation: |
1283 | +Bugs: |
1284 | +Priority: medium |
1285 | +Discovered-by: |
1286 | +Assigned-to: |
1287 | +CVSS: |
1288 | + |
1289 | +Patches_openssl: |
1290 | +upstream_openssl: needs-triage |
1291 | +trusty_openssl: ignored (end of standard support) |
1292 | +trusty/esm_openssl: needs-triage |
1293 | +xenial_openssl: ignored (end of standard support) |
1294 | +esm-infra/xenial_openssl: needs-triage |
1295 | +fips-updates/xenial_openssl: needs-triage |
1296 | +fips/xenial_openssl: needs-triage |
1297 | +bionic_openssl: ignored (end of standard support) |
1298 | +esm-infra/bionic_openssl: needs-triage |
1299 | +fips-updates/bionic_openssl: needs-triage |
1300 | +fips/bionic_openssl: needs-triage |
1301 | +focal_openssl: needs-triage |
1302 | +fips-updates/focal_openssl: needs-triage |
1303 | +fips/focal_openssl: needs-triage |
1304 | +jammy_openssl: needs-triage |
1305 | +mantic_openssl: needs-triage |
1306 | +devel_openssl: needs-triage |
1307 | + |
1308 | +Patches_openssl1.0: |
1309 | +upstream_openssl1.0: needs-triage |
1310 | +trusty_openssl1.0: DNE |
1311 | +xenial_openssl1.0: DNE |
1312 | +bionic_openssl1.0: ignored (end of standard support) |
1313 | +esm-infra/bionic_openssl1.0: needs-triage |
1314 | +focal_openssl1.0: DNE |
1315 | +jammy_openssl1.0: DNE |
1316 | +mantic_openssl1.0: DNE |
1317 | +devel_openssl1.0: DNE |
1318 | + |
1319 | +Patches_nodejs: |
1320 | +upstream_nodejs: needs-triage |
1321 | +trusty_nodejs: ignored (end of standard support) |
1322 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1323 | +xenial_nodejs: not-affected (uses system openssl) |
1324 | +esm-apps/xenial_nodejs: needs-triage |
1325 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1326 | +esm-apps/bionic_nodejs: needs-triage |
1327 | +focal_nodejs: not-affected (uses system openssl) |
1328 | +esm-apps/focal_nodejs: needs-triage |
1329 | +jammy_nodejs: needed |
1330 | +esm-apps/jammy_nodejs: needs-triage |
1331 | +mantic_nodejs: not-affected (uses system openssl) |
1332 | +devel_nodejs: not-affected (uses system openssl) |
1333 | + |
1334 | +Patches_edk2: |
1335 | +upstream_edk2: needs-triage |
1336 | +trusty_edk2: ignored (end of standard support) |
1337 | +xenial_edk2: ignored (end of standard support) |
1338 | +esm-apps/xenial_edk2: needs-triage |
1339 | +bionic_edk2: ignored (end of standard support) |
1340 | +esm-apps/bionic_edk2: needs-triage |
1341 | +focal_edk2: needs-triage |
1342 | +mantic_edk2: needs-triage |
1343 | +devel_edk2: needs-triage |
1344 | diff --git a/scripts/testfiles/cve_lib_test_3.result b/scripts/testfiles/cve_lib_test_3.result |
1345 | new file mode 100644 |
1346 | index 0000000..2dad463 |
1347 | --- /dev/null |
1348 | +++ b/scripts/testfiles/cve_lib_test_3.result |
1349 | @@ -0,0 +1,71 @@ |
1350 | +Candidate: CVE-2024-TEST |
1351 | +PublicDate: 2024-02-16 |
1352 | +References: |
1353 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1354 | +Description: |
1355 | + Some flaw description |
1356 | +Ubuntu-Description: |
1357 | +Notes: |
1358 | +Mitigation: |
1359 | +Bugs: |
1360 | +Priority: medium |
1361 | +Discovered-by: |
1362 | +Assigned-to: |
1363 | +CVSS: |
1364 | + |
1365 | +Patches_openssl: |
1366 | +upstream_openssl: needs-triage |
1367 | +trusty_openssl: ignored (end of standard support) |
1368 | +trusty/esm_openssl: needs-triage |
1369 | +xenial_openssl: ignored (end of standard support) |
1370 | +esm-infra/xenial_openssl: needs-triage |
1371 | +fips-updates/xenial_openssl: needs-triage |
1372 | +fips/xenial_openssl: needs-triage |
1373 | +bionic_openssl: ignored (end of standard support) |
1374 | +esm-infra/bionic_openssl: needs-triage |
1375 | +fips-updates/bionic_openssl: needs-triage |
1376 | +fips/bionic_openssl: needs-triage |
1377 | +focal_openssl: needs-triage |
1378 | +fips-updates/focal_openssl: needs-triage |
1379 | +fips/focal_openssl: needs-triage |
1380 | +jammy_openssl: needs-triage |
1381 | +mantic_openssl: needs-triage |
1382 | +devel_openssl: needs-triage |
1383 | + |
1384 | +Patches_openssl1.0: |
1385 | +upstream_openssl1.0: needs-triage |
1386 | +trusty_openssl1.0: DNE |
1387 | +xenial_openssl1.0: DNE |
1388 | +bionic_openssl1.0: ignored (end of standard support) |
1389 | +esm-infra/bionic_openssl1.0: needs-triage |
1390 | +focal_openssl1.0: DNE |
1391 | +jammy_openssl1.0: DNE |
1392 | +mantic_openssl1.0: DNE |
1393 | +devel_openssl1.0: DNE |
1394 | + |
1395 | +Patches_nodejs: |
1396 | +upstream_nodejs: needs-triage |
1397 | +trusty_nodejs: ignored (end of standard support) |
1398 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1399 | +xenial_nodejs: not-affected (uses system openssl) |
1400 | +esm-apps/xenial_nodejs: needs-triage |
1401 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1402 | +esm-apps/bionic_nodejs: needs-triage |
1403 | +focal_nodejs: not-affected (uses system openssl) |
1404 | +esm-apps/focal_nodejs: needs-triage |
1405 | +jammy_nodejs: needed |
1406 | +esm-apps/jammy_nodejs: needs-triage |
1407 | +mantic_nodejs: not-affected (uses system openssl) |
1408 | +devel_nodejs: not-affected (uses system openssl) |
1409 | + |
1410 | +Patches_edk2: |
1411 | +upstream_edk2: needs-triage |
1412 | +trusty_edk2: ignored (end of standard support) |
1413 | +xenial_edk2: ignored (end of standard support) |
1414 | +esm-apps/xenial_edk2: needs-triage |
1415 | +bionic_edk2: ignored (end of standard support) |
1416 | +esm-apps/bionic_edk2: needs-triage |
1417 | +focal_edk2: needs-triage |
1418 | +jammy_edk2: needs-triage |
1419 | +mantic_edk2: needs-triage |
1420 | +devel_edk2: needs-triage |
1421 | diff --git a/scripts/testfiles/cve_lib_test_4.in b/scripts/testfiles/cve_lib_test_4.in |
1422 | new file mode 100644 |
1423 | index 0000000..b9799d0 |
1424 | --- /dev/null |
1425 | +++ b/scripts/testfiles/cve_lib_test_4.in |
1426 | @@ -0,0 +1,70 @@ |
1427 | +Candidate: CVE-2024-TEST |
1428 | +PublicDate: 2024-02-16 |
1429 | +References: |
1430 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1431 | +Description: |
1432 | + Some flaw description |
1433 | +Ubuntu-Description: |
1434 | +Notes: |
1435 | +Mitigation: |
1436 | +Bugs: |
1437 | +Priority: medium |
1438 | +Discovered-by: |
1439 | +Assigned-to: |
1440 | +CVSS: |
1441 | + |
1442 | +Patches_openssl: |
1443 | +upstream_openssl: needs-triage |
1444 | +trusty_openssl: ignored (end of standard support) |
1445 | +trusty/esm_openssl: needs-triage |
1446 | +xenial_openssl: ignored (end of standard support) |
1447 | +esm-infra/xenial_openssl: needs-triage |
1448 | +fips-updates/xenial_openssl: needs-triage |
1449 | +fips/xenial_openssl: needs-triage |
1450 | +bionic_openssl: ignored (end of standard support) |
1451 | +esm-infra/bionic_openssl: needs-triage |
1452 | +fips-updates/bionic_openssl: needs-triage |
1453 | +fips/bionic_openssl: needs-triage |
1454 | +focal_openssl: needs-triage |
1455 | +fips-updates/focal_openssl: needs-triage |
1456 | +fips/focal_openssl: needs-triage |
1457 | +jammy_openssl: needs-triage |
1458 | +mantic_openssl: needs-triage |
1459 | +devel_openssl: needs-triage |
1460 | + |
1461 | +Patches_openssl1.0: |
1462 | +upstream_openssl1.0: needs-triage |
1463 | +trusty_openssl1.0: DNE |
1464 | +xenial_openssl1.0: DNE |
1465 | +bionic_openssl1.0: ignored (end of standard support) |
1466 | +esm-infra/bionic_openssl1.0: needs-triage |
1467 | +focal_openssl1.0: DNE |
1468 | +jammy_openssl1.0: DNE |
1469 | +mantic_openssl1.0: DNE |
1470 | +devel_openssl1.0: DNE |
1471 | + |
1472 | +Patches_nodejs: |
1473 | +upstream_nodejs: needs-triage |
1474 | +trusty_nodejs: ignored (end of standard support) |
1475 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1476 | +xenial_nodejs: not-affected (uses system openssl) |
1477 | +esm-apps/xenial_nodejs: needs-triage |
1478 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1479 | +esm-apps/bionic_nodejs: needs-triage |
1480 | +focal_nodejs: not-affected (uses system openssl) |
1481 | +esm-apps/focal_nodejs: needs-triage |
1482 | +jammy_nodejs: needed |
1483 | +esm-apps/jammy_nodejs: needs-triage |
1484 | +mantic_nodejs: not-affected (uses system openssl) |
1485 | +devel_nodejs: not-affected (uses system openssl) |
1486 | + |
1487 | +Patches_edk2: |
1488 | +upstream_edk2: needs-triage |
1489 | +trusty_edk2: ignored (end of standard support) |
1490 | +xenial_edk2: ignored (end of standard support) |
1491 | +esm-apps/xenial_edk2: needs-triage |
1492 | +bionic_edk2: ignored (end of standard support) |
1493 | +esm-apps/bionic_edk2: needs-triage |
1494 | +focal_edk2: needs-triage |
1495 | +jammy_edk2: needs-triage |
1496 | +mantic_edk2: needs-triage |
1497 | diff --git a/scripts/testfiles/cve_lib_test_4.result b/scripts/testfiles/cve_lib_test_4.result |
1498 | new file mode 100644 |
1499 | index 0000000..2dad463 |
1500 | --- /dev/null |
1501 | +++ b/scripts/testfiles/cve_lib_test_4.result |
1502 | @@ -0,0 +1,71 @@ |
1503 | +Candidate: CVE-2024-TEST |
1504 | +PublicDate: 2024-02-16 |
1505 | +References: |
1506 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1507 | +Description: |
1508 | + Some flaw description |
1509 | +Ubuntu-Description: |
1510 | +Notes: |
1511 | +Mitigation: |
1512 | +Bugs: |
1513 | +Priority: medium |
1514 | +Discovered-by: |
1515 | +Assigned-to: |
1516 | +CVSS: |
1517 | + |
1518 | +Patches_openssl: |
1519 | +upstream_openssl: needs-triage |
1520 | +trusty_openssl: ignored (end of standard support) |
1521 | +trusty/esm_openssl: needs-triage |
1522 | +xenial_openssl: ignored (end of standard support) |
1523 | +esm-infra/xenial_openssl: needs-triage |
1524 | +fips-updates/xenial_openssl: needs-triage |
1525 | +fips/xenial_openssl: needs-triage |
1526 | +bionic_openssl: ignored (end of standard support) |
1527 | +esm-infra/bionic_openssl: needs-triage |
1528 | +fips-updates/bionic_openssl: needs-triage |
1529 | +fips/bionic_openssl: needs-triage |
1530 | +focal_openssl: needs-triage |
1531 | +fips-updates/focal_openssl: needs-triage |
1532 | +fips/focal_openssl: needs-triage |
1533 | +jammy_openssl: needs-triage |
1534 | +mantic_openssl: needs-triage |
1535 | +devel_openssl: needs-triage |
1536 | + |
1537 | +Patches_openssl1.0: |
1538 | +upstream_openssl1.0: needs-triage |
1539 | +trusty_openssl1.0: DNE |
1540 | +xenial_openssl1.0: DNE |
1541 | +bionic_openssl1.0: ignored (end of standard support) |
1542 | +esm-infra/bionic_openssl1.0: needs-triage |
1543 | +focal_openssl1.0: DNE |
1544 | +jammy_openssl1.0: DNE |
1545 | +mantic_openssl1.0: DNE |
1546 | +devel_openssl1.0: DNE |
1547 | + |
1548 | +Patches_nodejs: |
1549 | +upstream_nodejs: needs-triage |
1550 | +trusty_nodejs: ignored (end of standard support) |
1551 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1552 | +xenial_nodejs: not-affected (uses system openssl) |
1553 | +esm-apps/xenial_nodejs: needs-triage |
1554 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1555 | +esm-apps/bionic_nodejs: needs-triage |
1556 | +focal_nodejs: not-affected (uses system openssl) |
1557 | +esm-apps/focal_nodejs: needs-triage |
1558 | +jammy_nodejs: needed |
1559 | +esm-apps/jammy_nodejs: needs-triage |
1560 | +mantic_nodejs: not-affected (uses system openssl) |
1561 | +devel_nodejs: not-affected (uses system openssl) |
1562 | + |
1563 | +Patches_edk2: |
1564 | +upstream_edk2: needs-triage |
1565 | +trusty_edk2: ignored (end of standard support) |
1566 | +xenial_edk2: ignored (end of standard support) |
1567 | +esm-apps/xenial_edk2: needs-triage |
1568 | +bionic_edk2: ignored (end of standard support) |
1569 | +esm-apps/bionic_edk2: needs-triage |
1570 | +focal_edk2: needs-triage |
1571 | +jammy_edk2: needs-triage |
1572 | +mantic_edk2: needs-triage |
1573 | +devel_edk2: needs-triage |
1574 | diff --git a/scripts/testfiles/cve_lib_test_5.in b/scripts/testfiles/cve_lib_test_5.in |
1575 | new file mode 100644 |
1576 | index 0000000..aa830d9 |
1577 | --- /dev/null |
1578 | +++ b/scripts/testfiles/cve_lib_test_5.in |
1579 | @@ -0,0 +1,70 @@ |
1580 | +Candidate: CVE-2024-TEST |
1581 | +PublicDate: 2024-02-16 |
1582 | +References: |
1583 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1584 | +Description: |
1585 | + Some flaw description |
1586 | +Ubuntu-Description: |
1587 | +Notes: |
1588 | +Mitigation: |
1589 | +Bugs: |
1590 | +Priority: medium |
1591 | +Discovered-by: |
1592 | +Assigned-to: |
1593 | +CVSS: |
1594 | + |
1595 | +Patches_openssl: |
1596 | +upstream_openssl: needs-triage |
1597 | +trusty_openssl: ignored (end of standard support) |
1598 | +trusty/esm_openssl: needs-triage |
1599 | +xenial_openssl: ignored (end of standard support) |
1600 | +esm-infra/xenial_openssl: needs-triage |
1601 | +fips-updates/xenial_openssl: needs-triage |
1602 | +fips/xenial_openssl: needs-triage |
1603 | +bionic_openssl: ignored (end of standard support) |
1604 | +esm-infra/bionic_openssl: needs-triage |
1605 | +fips-updates/bionic_openssl: needs-triage |
1606 | +fips/bionic_openssl: needs-triage |
1607 | +focal_openssl: needs-triage |
1608 | +fips-updates/focal_openssl: needs-triage |
1609 | +fips/focal_openssl: needs-triage |
1610 | +jammy_openssl: needs-triage |
1611 | +devel_openssl: needs-triage |
1612 | + |
1613 | +Patches_openssl1.0: |
1614 | +upstream_openssl1.0: needs-triage |
1615 | +trusty_openssl1.0: DNE |
1616 | +xenial_openssl1.0: DNE |
1617 | +bionic_openssl1.0: ignored (end of standard support) |
1618 | +esm-infra/bionic_openssl1.0: needs-triage |
1619 | +focal_openssl1.0: DNE |
1620 | +jammy_openssl1.0: DNE |
1621 | +mantic_openssl1.0: DNE |
1622 | +devel_openssl1.0: DNE |
1623 | + |
1624 | +Patches_nodejs: |
1625 | +upstream_nodejs: needs-triage |
1626 | +trusty_nodejs: ignored (end of standard support) |
1627 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1628 | +xenial_nodejs: not-affected (uses system openssl) |
1629 | +esm-apps/xenial_nodejs: needs-triage |
1630 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1631 | +esm-apps/bionic_nodejs: needs-triage |
1632 | +focal_nodejs: not-affected (uses system openssl) |
1633 | +esm-apps/focal_nodejs: needs-triage |
1634 | +jammy_nodejs: needed |
1635 | +esm-apps/jammy_nodejs: needs-triage |
1636 | +mantic_nodejs: not-affected (uses system openssl) |
1637 | +devel_nodejs: not-affected (uses system openssl) |
1638 | + |
1639 | +Patches_edk2: |
1640 | +upstream_edk2: needs-triage |
1641 | +trusty_edk2: ignored (end of standard support) |
1642 | +xenial_edk2: ignored (end of standard support) |
1643 | +esm-apps/xenial_edk2: needs-triage |
1644 | +bionic_edk2: ignored (end of standard support) |
1645 | +esm-apps/bionic_edk2: needs-triage |
1646 | +focal_edk2: needs-triage |
1647 | +jammy_edk2: needs-triage |
1648 | +mantic_edk2: needs-triage |
1649 | +devel_edk2: needs-triage |
1650 | diff --git a/scripts/testfiles/cve_lib_test_5.result b/scripts/testfiles/cve_lib_test_5.result |
1651 | new file mode 100644 |
1652 | index 0000000..0464b30 |
1653 | --- /dev/null |
1654 | +++ b/scripts/testfiles/cve_lib_test_5.result |
1655 | @@ -0,0 +1,71 @@ |
1656 | +Candidate: CVE-2024-TEST |
1657 | +PublicDate: 2024-02-16 |
1658 | +References: |
1659 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1660 | +Description: |
1661 | + Some flaw description |
1662 | +Ubuntu-Description: |
1663 | +Notes: |
1664 | +Mitigation: |
1665 | +Bugs: |
1666 | +Priority: medium |
1667 | +Discovered-by: |
1668 | +Assigned-to: |
1669 | +CVSS: |
1670 | + |
1671 | +Patches_openssl: |
1672 | +upstream_openssl: needs-triage |
1673 | +trusty_openssl: ignored (end of standard support) |
1674 | +trusty/esm_openssl: needs-triage |
1675 | +xenial_openssl: ignored (end of standard support) |
1676 | +esm-infra/xenial_openssl: needs-triage |
1677 | +fips-updates/xenial_openssl: needs-triage |
1678 | +fips/xenial_openssl: needs-triage |
1679 | +bionic_openssl: ignored (end of standard support) |
1680 | +esm-infra/bionic_openssl: needs-triage |
1681 | +fips-updates/bionic_openssl: needs-triage |
1682 | +fips/bionic_openssl: needs-triage |
1683 | +focal_openssl: needs-triage |
1684 | +fips-updates/focal_openssl: needs-triage |
1685 | +fips/focal_openssl: needs-triage |
1686 | +jammy_openssl: needs-triage |
1687 | +mantic_openssl: not-affected (code not present) |
1688 | +devel_openssl: needs-triage |
1689 | + |
1690 | +Patches_openssl1.0: |
1691 | +upstream_openssl1.0: needs-triage |
1692 | +trusty_openssl1.0: DNE |
1693 | +xenial_openssl1.0: DNE |
1694 | +bionic_openssl1.0: ignored (end of standard support) |
1695 | +esm-infra/bionic_openssl1.0: needs-triage |
1696 | +focal_openssl1.0: DNE |
1697 | +jammy_openssl1.0: DNE |
1698 | +mantic_openssl1.0: DNE |
1699 | +devel_openssl1.0: DNE |
1700 | + |
1701 | +Patches_nodejs: |
1702 | +upstream_nodejs: needs-triage |
1703 | +trusty_nodejs: ignored (end of standard support) |
1704 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1705 | +xenial_nodejs: not-affected (uses system openssl) |
1706 | +esm-apps/xenial_nodejs: needs-triage |
1707 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1708 | +esm-apps/bionic_nodejs: needs-triage |
1709 | +focal_nodejs: not-affected (uses system openssl) |
1710 | +esm-apps/focal_nodejs: needs-triage |
1711 | +jammy_nodejs: needed |
1712 | +esm-apps/jammy_nodejs: needs-triage |
1713 | +mantic_nodejs: not-affected (uses system openssl) |
1714 | +devel_nodejs: not-affected (uses system openssl) |
1715 | + |
1716 | +Patches_edk2: |
1717 | +upstream_edk2: needs-triage |
1718 | +trusty_edk2: ignored (end of standard support) |
1719 | +xenial_edk2: ignored (end of standard support) |
1720 | +esm-apps/xenial_edk2: needs-triage |
1721 | +bionic_edk2: ignored (end of standard support) |
1722 | +esm-apps/bionic_edk2: needs-triage |
1723 | +focal_edk2: needs-triage |
1724 | +jammy_edk2: needs-triage |
1725 | +mantic_edk2: needs-triage |
1726 | +devel_edk2: needs-triage |
1727 | diff --git a/scripts/testfiles/cve_lib_test_6.in b/scripts/testfiles/cve_lib_test_6.in |
1728 | new file mode 100644 |
1729 | index 0000000..aa830d9 |
1730 | --- /dev/null |
1731 | +++ b/scripts/testfiles/cve_lib_test_6.in |
1732 | @@ -0,0 +1,70 @@ |
1733 | +Candidate: CVE-2024-TEST |
1734 | +PublicDate: 2024-02-16 |
1735 | +References: |
1736 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1737 | +Description: |
1738 | + Some flaw description |
1739 | +Ubuntu-Description: |
1740 | +Notes: |
1741 | +Mitigation: |
1742 | +Bugs: |
1743 | +Priority: medium |
1744 | +Discovered-by: |
1745 | +Assigned-to: |
1746 | +CVSS: |
1747 | + |
1748 | +Patches_openssl: |
1749 | +upstream_openssl: needs-triage |
1750 | +trusty_openssl: ignored (end of standard support) |
1751 | +trusty/esm_openssl: needs-triage |
1752 | +xenial_openssl: ignored (end of standard support) |
1753 | +esm-infra/xenial_openssl: needs-triage |
1754 | +fips-updates/xenial_openssl: needs-triage |
1755 | +fips/xenial_openssl: needs-triage |
1756 | +bionic_openssl: ignored (end of standard support) |
1757 | +esm-infra/bionic_openssl: needs-triage |
1758 | +fips-updates/bionic_openssl: needs-triage |
1759 | +fips/bionic_openssl: needs-triage |
1760 | +focal_openssl: needs-triage |
1761 | +fips-updates/focal_openssl: needs-triage |
1762 | +fips/focal_openssl: needs-triage |
1763 | +jammy_openssl: needs-triage |
1764 | +devel_openssl: needs-triage |
1765 | + |
1766 | +Patches_openssl1.0: |
1767 | +upstream_openssl1.0: needs-triage |
1768 | +trusty_openssl1.0: DNE |
1769 | +xenial_openssl1.0: DNE |
1770 | +bionic_openssl1.0: ignored (end of standard support) |
1771 | +esm-infra/bionic_openssl1.0: needs-triage |
1772 | +focal_openssl1.0: DNE |
1773 | +jammy_openssl1.0: DNE |
1774 | +mantic_openssl1.0: DNE |
1775 | +devel_openssl1.0: DNE |
1776 | + |
1777 | +Patches_nodejs: |
1778 | +upstream_nodejs: needs-triage |
1779 | +trusty_nodejs: ignored (end of standard support) |
1780 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1781 | +xenial_nodejs: not-affected (uses system openssl) |
1782 | +esm-apps/xenial_nodejs: needs-triage |
1783 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1784 | +esm-apps/bionic_nodejs: needs-triage |
1785 | +focal_nodejs: not-affected (uses system openssl) |
1786 | +esm-apps/focal_nodejs: needs-triage |
1787 | +jammy_nodejs: needed |
1788 | +esm-apps/jammy_nodejs: needs-triage |
1789 | +mantic_nodejs: not-affected (uses system openssl) |
1790 | +devel_nodejs: not-affected (uses system openssl) |
1791 | + |
1792 | +Patches_edk2: |
1793 | +upstream_edk2: needs-triage |
1794 | +trusty_edk2: ignored (end of standard support) |
1795 | +xenial_edk2: ignored (end of standard support) |
1796 | +esm-apps/xenial_edk2: needs-triage |
1797 | +bionic_edk2: ignored (end of standard support) |
1798 | +esm-apps/bionic_edk2: needs-triage |
1799 | +focal_edk2: needs-triage |
1800 | +jammy_edk2: needs-triage |
1801 | +mantic_edk2: needs-triage |
1802 | +devel_edk2: needs-triage |
1803 | diff --git a/scripts/testfiles/cve_lib_test_6.result b/scripts/testfiles/cve_lib_test_6.result |
1804 | new file mode 100644 |
1805 | index 0000000..2dad463 |
1806 | --- /dev/null |
1807 | +++ b/scripts/testfiles/cve_lib_test_6.result |
1808 | @@ -0,0 +1,71 @@ |
1809 | +Candidate: CVE-2024-TEST |
1810 | +PublicDate: 2024-02-16 |
1811 | +References: |
1812 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1813 | +Description: |
1814 | + Some flaw description |
1815 | +Ubuntu-Description: |
1816 | +Notes: |
1817 | +Mitigation: |
1818 | +Bugs: |
1819 | +Priority: medium |
1820 | +Discovered-by: |
1821 | +Assigned-to: |
1822 | +CVSS: |
1823 | + |
1824 | +Patches_openssl: |
1825 | +upstream_openssl: needs-triage |
1826 | +trusty_openssl: ignored (end of standard support) |
1827 | +trusty/esm_openssl: needs-triage |
1828 | +xenial_openssl: ignored (end of standard support) |
1829 | +esm-infra/xenial_openssl: needs-triage |
1830 | +fips-updates/xenial_openssl: needs-triage |
1831 | +fips/xenial_openssl: needs-triage |
1832 | +bionic_openssl: ignored (end of standard support) |
1833 | +esm-infra/bionic_openssl: needs-triage |
1834 | +fips-updates/bionic_openssl: needs-triage |
1835 | +fips/bionic_openssl: needs-triage |
1836 | +focal_openssl: needs-triage |
1837 | +fips-updates/focal_openssl: needs-triage |
1838 | +fips/focal_openssl: needs-triage |
1839 | +jammy_openssl: needs-triage |
1840 | +mantic_openssl: needs-triage |
1841 | +devel_openssl: needs-triage |
1842 | + |
1843 | +Patches_openssl1.0: |
1844 | +upstream_openssl1.0: needs-triage |
1845 | +trusty_openssl1.0: DNE |
1846 | +xenial_openssl1.0: DNE |
1847 | +bionic_openssl1.0: ignored (end of standard support) |
1848 | +esm-infra/bionic_openssl1.0: needs-triage |
1849 | +focal_openssl1.0: DNE |
1850 | +jammy_openssl1.0: DNE |
1851 | +mantic_openssl1.0: DNE |
1852 | +devel_openssl1.0: DNE |
1853 | + |
1854 | +Patches_nodejs: |
1855 | +upstream_nodejs: needs-triage |
1856 | +trusty_nodejs: ignored (end of standard support) |
1857 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1858 | +xenial_nodejs: not-affected (uses system openssl) |
1859 | +esm-apps/xenial_nodejs: needs-triage |
1860 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1861 | +esm-apps/bionic_nodejs: needs-triage |
1862 | +focal_nodejs: not-affected (uses system openssl) |
1863 | +esm-apps/focal_nodejs: needs-triage |
1864 | +jammy_nodejs: needed |
1865 | +esm-apps/jammy_nodejs: needs-triage |
1866 | +mantic_nodejs: not-affected (uses system openssl) |
1867 | +devel_nodejs: not-affected (uses system openssl) |
1868 | + |
1869 | +Patches_edk2: |
1870 | +upstream_edk2: needs-triage |
1871 | +trusty_edk2: ignored (end of standard support) |
1872 | +xenial_edk2: ignored (end of standard support) |
1873 | +esm-apps/xenial_edk2: needs-triage |
1874 | +bionic_edk2: ignored (end of standard support) |
1875 | +esm-apps/bionic_edk2: needs-triage |
1876 | +focal_edk2: needs-triage |
1877 | +jammy_edk2: needs-triage |
1878 | +mantic_edk2: needs-triage |
1879 | +devel_edk2: needs-triage |
1880 | diff --git a/scripts/testfiles/cve_lib_test_7.in b/scripts/testfiles/cve_lib_test_7.in |
1881 | new file mode 100644 |
1882 | index 0000000..2dad463 |
1883 | --- /dev/null |
1884 | +++ b/scripts/testfiles/cve_lib_test_7.in |
1885 | @@ -0,0 +1,71 @@ |
1886 | +Candidate: CVE-2024-TEST |
1887 | +PublicDate: 2024-02-16 |
1888 | +References: |
1889 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1890 | +Description: |
1891 | + Some flaw description |
1892 | +Ubuntu-Description: |
1893 | +Notes: |
1894 | +Mitigation: |
1895 | +Bugs: |
1896 | +Priority: medium |
1897 | +Discovered-by: |
1898 | +Assigned-to: |
1899 | +CVSS: |
1900 | + |
1901 | +Patches_openssl: |
1902 | +upstream_openssl: needs-triage |
1903 | +trusty_openssl: ignored (end of standard support) |
1904 | +trusty/esm_openssl: needs-triage |
1905 | +xenial_openssl: ignored (end of standard support) |
1906 | +esm-infra/xenial_openssl: needs-triage |
1907 | +fips-updates/xenial_openssl: needs-triage |
1908 | +fips/xenial_openssl: needs-triage |
1909 | +bionic_openssl: ignored (end of standard support) |
1910 | +esm-infra/bionic_openssl: needs-triage |
1911 | +fips-updates/bionic_openssl: needs-triage |
1912 | +fips/bionic_openssl: needs-triage |
1913 | +focal_openssl: needs-triage |
1914 | +fips-updates/focal_openssl: needs-triage |
1915 | +fips/focal_openssl: needs-triage |
1916 | +jammy_openssl: needs-triage |
1917 | +mantic_openssl: needs-triage |
1918 | +devel_openssl: needs-triage |
1919 | + |
1920 | +Patches_openssl1.0: |
1921 | +upstream_openssl1.0: needs-triage |
1922 | +trusty_openssl1.0: DNE |
1923 | +xenial_openssl1.0: DNE |
1924 | +bionic_openssl1.0: ignored (end of standard support) |
1925 | +esm-infra/bionic_openssl1.0: needs-triage |
1926 | +focal_openssl1.0: DNE |
1927 | +jammy_openssl1.0: DNE |
1928 | +mantic_openssl1.0: DNE |
1929 | +devel_openssl1.0: DNE |
1930 | + |
1931 | +Patches_nodejs: |
1932 | +upstream_nodejs: needs-triage |
1933 | +trusty_nodejs: ignored (end of standard support) |
1934 | +trusty/esm_nodejs: not-affected (uses system openssl) |
1935 | +xenial_nodejs: not-affected (uses system openssl) |
1936 | +esm-apps/xenial_nodejs: needs-triage |
1937 | +bionic_nodejs: not-affected (uses system openssl1.0) |
1938 | +esm-apps/bionic_nodejs: needs-triage |
1939 | +focal_nodejs: not-affected (uses system openssl) |
1940 | +esm-apps/focal_nodejs: needs-triage |
1941 | +jammy_nodejs: needed |
1942 | +esm-apps/jammy_nodejs: needs-triage |
1943 | +mantic_nodejs: not-affected (uses system openssl) |
1944 | +devel_nodejs: not-affected (uses system openssl) |
1945 | + |
1946 | +Patches_edk2: |
1947 | +upstream_edk2: needs-triage |
1948 | +trusty_edk2: ignored (end of standard support) |
1949 | +xenial_edk2: ignored (end of standard support) |
1950 | +esm-apps/xenial_edk2: needs-triage |
1951 | +bionic_edk2: ignored (end of standard support) |
1952 | +esm-apps/bionic_edk2: needs-triage |
1953 | +focal_edk2: needs-triage |
1954 | +jammy_edk2: needs-triage |
1955 | +mantic_edk2: needs-triage |
1956 | +devel_edk2: needs-triage |
1957 | diff --git a/scripts/testfiles/cve_lib_test_7.result b/scripts/testfiles/cve_lib_test_7.result |
1958 | new file mode 100644 |
1959 | index 0000000..d101117 |
1960 | --- /dev/null |
1961 | +++ b/scripts/testfiles/cve_lib_test_7.result |
1962 | @@ -0,0 +1,71 @@ |
1963 | +Candidate: CVE-2024-TEST |
1964 | +PublicDate: 2024-02-16 |
1965 | +References: |
1966 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
1967 | +Description: |
1968 | + Some flaw description |
1969 | +Ubuntu-Description: |
1970 | +Notes: |
1971 | +Mitigation: |
1972 | +Bugs: |
1973 | +Priority: medium |
1974 | +Discovered-by: |
1975 | +Assigned-to: |
1976 | +CVSS: |
1977 | + |
1978 | +Patches_openssl: |
1979 | +upstream_openssl: needs-triage |
1980 | +trusty_openssl: ignored (end of standard support) |
1981 | +trusty/esm_openssl: needs-triage |
1982 | +xenial_openssl: ignored (end of standard support) |
1983 | +esm-infra/xenial_openssl: needs-triage |
1984 | +fips-updates/xenial_openssl: needs-triage |
1985 | +fips/xenial_openssl: needs-triage |
1986 | +bionic_openssl: ignored (end of standard support) |
1987 | +esm-infra/bionic_openssl: needs-triage |
1988 | +fips-updates/bionic_openssl: needs-triage |
1989 | +fips/bionic_openssl: needs-triage |
1990 | +focal_openssl: needs-triage |
1991 | +fips-updates/focal_openssl: needs-triage |
1992 | +fips/focal_openssl: needs-triage |
1993 | +jammy_openssl: needs-triage |
1994 | +mantic_openssl: not-affected |
1995 | +devel_openssl: needs-triage |
1996 | + |
1997 | +Patches_openssl1.0: |
1998 | +upstream_openssl1.0: needs-triage |
1999 | +trusty_openssl1.0: DNE |
2000 | +xenial_openssl1.0: DNE |
2001 | +bionic_openssl1.0: ignored (end of standard support) |
2002 | +esm-infra/bionic_openssl1.0: needs-triage |
2003 | +focal_openssl1.0: DNE |
2004 | +jammy_openssl1.0: DNE |
2005 | +mantic_openssl1.0: DNE |
2006 | +devel_openssl1.0: DNE |
2007 | + |
2008 | +Patches_nodejs: |
2009 | +upstream_nodejs: needs-triage |
2010 | +trusty_nodejs: ignored (end of standard support) |
2011 | +trusty/esm_nodejs: not-affected (uses system openssl) |
2012 | +xenial_nodejs: not-affected (uses system openssl) |
2013 | +esm-apps/xenial_nodejs: needs-triage |
2014 | +bionic_nodejs: not-affected (uses system openssl1.0) |
2015 | +esm-apps/bionic_nodejs: needs-triage |
2016 | +focal_nodejs: not-affected (uses system openssl) |
2017 | +esm-apps/focal_nodejs: needs-triage |
2018 | +jammy_nodejs: needed |
2019 | +esm-apps/jammy_nodejs: needs-triage |
2020 | +mantic_nodejs: not-affected (uses system openssl) |
2021 | +devel_nodejs: not-affected (uses system openssl) |
2022 | + |
2023 | +Patches_edk2: |
2024 | +upstream_edk2: needs-triage |
2025 | +trusty_edk2: ignored (end of standard support) |
2026 | +xenial_edk2: ignored (end of standard support) |
2027 | +esm-apps/xenial_edk2: needs-triage |
2028 | +bionic_edk2: ignored (end of standard support) |
2029 | +esm-apps/bionic_edk2: needs-triage |
2030 | +focal_edk2: needs-triage |
2031 | +jammy_edk2: needs-triage |
2032 | +mantic_edk2: needs-triage |
2033 | +devel_edk2: needs-triage |
2034 | diff --git a/scripts/testfiles/cve_lib_test_8.in b/scripts/testfiles/cve_lib_test_8.in |
2035 | new file mode 100644 |
2036 | index 0000000..2dad463 |
2037 | --- /dev/null |
2038 | +++ b/scripts/testfiles/cve_lib_test_8.in |
2039 | @@ -0,0 +1,71 @@ |
2040 | +Candidate: CVE-2024-TEST |
2041 | +PublicDate: 2024-02-16 |
2042 | +References: |
2043 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
2044 | +Description: |
2045 | + Some flaw description |
2046 | +Ubuntu-Description: |
2047 | +Notes: |
2048 | +Mitigation: |
2049 | +Bugs: |
2050 | +Priority: medium |
2051 | +Discovered-by: |
2052 | +Assigned-to: |
2053 | +CVSS: |
2054 | + |
2055 | +Patches_openssl: |
2056 | +upstream_openssl: needs-triage |
2057 | +trusty_openssl: ignored (end of standard support) |
2058 | +trusty/esm_openssl: needs-triage |
2059 | +xenial_openssl: ignored (end of standard support) |
2060 | +esm-infra/xenial_openssl: needs-triage |
2061 | +fips-updates/xenial_openssl: needs-triage |
2062 | +fips/xenial_openssl: needs-triage |
2063 | +bionic_openssl: ignored (end of standard support) |
2064 | +esm-infra/bionic_openssl: needs-triage |
2065 | +fips-updates/bionic_openssl: needs-triage |
2066 | +fips/bionic_openssl: needs-triage |
2067 | +focal_openssl: needs-triage |
2068 | +fips-updates/focal_openssl: needs-triage |
2069 | +fips/focal_openssl: needs-triage |
2070 | +jammy_openssl: needs-triage |
2071 | +mantic_openssl: needs-triage |
2072 | +devel_openssl: needs-triage |
2073 | + |
2074 | +Patches_openssl1.0: |
2075 | +upstream_openssl1.0: needs-triage |
2076 | +trusty_openssl1.0: DNE |
2077 | +xenial_openssl1.0: DNE |
2078 | +bionic_openssl1.0: ignored (end of standard support) |
2079 | +esm-infra/bionic_openssl1.0: needs-triage |
2080 | +focal_openssl1.0: DNE |
2081 | +jammy_openssl1.0: DNE |
2082 | +mantic_openssl1.0: DNE |
2083 | +devel_openssl1.0: DNE |
2084 | + |
2085 | +Patches_nodejs: |
2086 | +upstream_nodejs: needs-triage |
2087 | +trusty_nodejs: ignored (end of standard support) |
2088 | +trusty/esm_nodejs: not-affected (uses system openssl) |
2089 | +xenial_nodejs: not-affected (uses system openssl) |
2090 | +esm-apps/xenial_nodejs: needs-triage |
2091 | +bionic_nodejs: not-affected (uses system openssl1.0) |
2092 | +esm-apps/bionic_nodejs: needs-triage |
2093 | +focal_nodejs: not-affected (uses system openssl) |
2094 | +esm-apps/focal_nodejs: needs-triage |
2095 | +jammy_nodejs: needed |
2096 | +esm-apps/jammy_nodejs: needs-triage |
2097 | +mantic_nodejs: not-affected (uses system openssl) |
2098 | +devel_nodejs: not-affected (uses system openssl) |
2099 | + |
2100 | +Patches_edk2: |
2101 | +upstream_edk2: needs-triage |
2102 | +trusty_edk2: ignored (end of standard support) |
2103 | +xenial_edk2: ignored (end of standard support) |
2104 | +esm-apps/xenial_edk2: needs-triage |
2105 | +bionic_edk2: ignored (end of standard support) |
2106 | +esm-apps/bionic_edk2: needs-triage |
2107 | +focal_edk2: needs-triage |
2108 | +jammy_edk2: needs-triage |
2109 | +mantic_edk2: needs-triage |
2110 | +devel_edk2: needs-triage |
2111 | diff --git a/scripts/testfiles/cve_lib_test_8.result b/scripts/testfiles/cve_lib_test_8.result |
2112 | new file mode 100644 |
2113 | index 0000000..0464b30 |
2114 | --- /dev/null |
2115 | +++ b/scripts/testfiles/cve_lib_test_8.result |
2116 | @@ -0,0 +1,71 @@ |
2117 | +Candidate: CVE-2024-TEST |
2118 | +PublicDate: 2024-02-16 |
2119 | +References: |
2120 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
2121 | +Description: |
2122 | + Some flaw description |
2123 | +Ubuntu-Description: |
2124 | +Notes: |
2125 | +Mitigation: |
2126 | +Bugs: |
2127 | +Priority: medium |
2128 | +Discovered-by: |
2129 | +Assigned-to: |
2130 | +CVSS: |
2131 | + |
2132 | +Patches_openssl: |
2133 | +upstream_openssl: needs-triage |
2134 | +trusty_openssl: ignored (end of standard support) |
2135 | +trusty/esm_openssl: needs-triage |
2136 | +xenial_openssl: ignored (end of standard support) |
2137 | +esm-infra/xenial_openssl: needs-triage |
2138 | +fips-updates/xenial_openssl: needs-triage |
2139 | +fips/xenial_openssl: needs-triage |
2140 | +bionic_openssl: ignored (end of standard support) |
2141 | +esm-infra/bionic_openssl: needs-triage |
2142 | +fips-updates/bionic_openssl: needs-triage |
2143 | +fips/bionic_openssl: needs-triage |
2144 | +focal_openssl: needs-triage |
2145 | +fips-updates/focal_openssl: needs-triage |
2146 | +fips/focal_openssl: needs-triage |
2147 | +jammy_openssl: needs-triage |
2148 | +mantic_openssl: not-affected (code not present) |
2149 | +devel_openssl: needs-triage |
2150 | + |
2151 | +Patches_openssl1.0: |
2152 | +upstream_openssl1.0: needs-triage |
2153 | +trusty_openssl1.0: DNE |
2154 | +xenial_openssl1.0: DNE |
2155 | +bionic_openssl1.0: ignored (end of standard support) |
2156 | +esm-infra/bionic_openssl1.0: needs-triage |
2157 | +focal_openssl1.0: DNE |
2158 | +jammy_openssl1.0: DNE |
2159 | +mantic_openssl1.0: DNE |
2160 | +devel_openssl1.0: DNE |
2161 | + |
2162 | +Patches_nodejs: |
2163 | +upstream_nodejs: needs-triage |
2164 | +trusty_nodejs: ignored (end of standard support) |
2165 | +trusty/esm_nodejs: not-affected (uses system openssl) |
2166 | +xenial_nodejs: not-affected (uses system openssl) |
2167 | +esm-apps/xenial_nodejs: needs-triage |
2168 | +bionic_nodejs: not-affected (uses system openssl1.0) |
2169 | +esm-apps/bionic_nodejs: needs-triage |
2170 | +focal_nodejs: not-affected (uses system openssl) |
2171 | +esm-apps/focal_nodejs: needs-triage |
2172 | +jammy_nodejs: needed |
2173 | +esm-apps/jammy_nodejs: needs-triage |
2174 | +mantic_nodejs: not-affected (uses system openssl) |
2175 | +devel_nodejs: not-affected (uses system openssl) |
2176 | + |
2177 | +Patches_edk2: |
2178 | +upstream_edk2: needs-triage |
2179 | +trusty_edk2: ignored (end of standard support) |
2180 | +xenial_edk2: ignored (end of standard support) |
2181 | +esm-apps/xenial_edk2: needs-triage |
2182 | +bionic_edk2: ignored (end of standard support) |
2183 | +esm-apps/bionic_edk2: needs-triage |
2184 | +focal_edk2: needs-triage |
2185 | +jammy_edk2: needs-triage |
2186 | +mantic_edk2: needs-triage |
2187 | +devel_edk2: needs-triage |
2188 | diff --git a/scripts/testfiles/cve_lib_test_9.in b/scripts/testfiles/cve_lib_test_9.in |
2189 | new file mode 100644 |
2190 | index 0000000..babe94b |
2191 | --- /dev/null |
2192 | +++ b/scripts/testfiles/cve_lib_test_9.in |
2193 | @@ -0,0 +1,70 @@ |
2194 | +Candidate: CVE-2024-TEST |
2195 | +PublicDate: 2024-02-16 |
2196 | +References: |
2197 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
2198 | +Description: |
2199 | + Some flaw description |
2200 | +Ubuntu-Description: |
2201 | +Notes: |
2202 | +Mitigation: |
2203 | +Bugs: |
2204 | +Priority: medium |
2205 | +Discovered-by: |
2206 | +Assigned-to: |
2207 | +CVSS: |
2208 | + |
2209 | +Patches_openssl: |
2210 | +upstream_openssl: needs-triage |
2211 | +trusty_openssl: ignored (end of standard support) |
2212 | +trusty/esm_openssl: needs-triage |
2213 | +xenial_openssl: ignored (end of standard support) |
2214 | +esm-infra/xenial_openssl: needs-triage |
2215 | +fips-updates/xenial_openssl: needs-triage |
2216 | +fips/xenial_openssl: needs-triage |
2217 | +bionic_openssl: ignored (end of standard support) |
2218 | +esm-infra/bionic_openssl: needs-triage |
2219 | +fips-updates/bionic_openssl: needs-triage |
2220 | +fips/bionic_openssl: needs-triage |
2221 | +focal_openssl: needs-triage |
2222 | +fips-updates/focal_openssl: needs-triage |
2223 | +fips/focal_openssl: needs-triage |
2224 | +mantic_openssl: released (1.1.2-1ubuntu6) |
2225 | +devel_openssl: needs-triage |
2226 | + |
2227 | +Patches_openssl1.0: |
2228 | +upstream_openssl1.0: needs-triage |
2229 | +trusty_openssl1.0: DNE |
2230 | +xenial_openssl1.0: DNE |
2231 | +bionic_openssl1.0: ignored (end of standard support) |
2232 | +esm-infra/bionic_openssl1.0: needs-triage |
2233 | +focal_openssl1.0: DNE |
2234 | +jammy_openssl1.0: DNE |
2235 | +mantic_openssl1.0: DNE |
2236 | +devel_openssl1.0: DNE |
2237 | + |
2238 | +Patches_nodejs: |
2239 | +upstream_nodejs: needs-triage |
2240 | +trusty_nodejs: ignored (end of standard support) |
2241 | +trusty/esm_nodejs: not-affected (uses system openssl) |
2242 | +xenial_nodejs: not-affected (uses system openssl) |
2243 | +esm-apps/xenial_nodejs: needs-triage |
2244 | +bionic_nodejs: not-affected (uses system openssl1.0) |
2245 | +esm-apps/bionic_nodejs: needs-triage |
2246 | +focal_nodejs: not-affected (uses system openssl) |
2247 | +esm-apps/focal_nodejs: needs-triage |
2248 | +jammy_nodejs: needed |
2249 | +esm-apps/jammy_nodejs: needs-triage |
2250 | +mantic_nodejs: not-affected (uses system openssl) |
2251 | +devel_nodejs: not-affected (uses system openssl) |
2252 | + |
2253 | +Patches_edk2: |
2254 | +upstream_edk2: needs-triage |
2255 | +trusty_edk2: ignored (end of standard support) |
2256 | +xenial_edk2: ignored (end of standard support) |
2257 | +esm-apps/xenial_edk2: needs-triage |
2258 | +bionic_edk2: ignored (end of standard support) |
2259 | +esm-apps/bionic_edk2: needs-triage |
2260 | +focal_edk2: needs-triage |
2261 | +jammy_edk2: needs-triage |
2262 | +mantic_edk2: needs-triage |
2263 | +devel_edk2: needs-triage |
2264 | diff --git a/scripts/testfiles/cve_lib_test_9.result b/scripts/testfiles/cve_lib_test_9.result |
2265 | new file mode 100644 |
2266 | index 0000000..ee6f455 |
2267 | --- /dev/null |
2268 | +++ b/scripts/testfiles/cve_lib_test_9.result |
2269 | @@ -0,0 +1,71 @@ |
2270 | +Candidate: CVE-2024-TEST |
2271 | +PublicDate: 2024-02-16 |
2272 | +References: |
2273 | + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-NNN1 |
2274 | +Description: |
2275 | + Some flaw description |
2276 | +Ubuntu-Description: |
2277 | +Notes: |
2278 | +Mitigation: |
2279 | +Bugs: |
2280 | +Priority: medium |
2281 | +Discovered-by: |
2282 | +Assigned-to: |
2283 | +CVSS: |
2284 | + |
2285 | +Patches_openssl: |
2286 | +upstream_openssl: needs-triage |
2287 | +trusty_openssl: ignored (end of standard support) |
2288 | +trusty/esm_openssl: needs-triage |
2289 | +xenial_openssl: ignored (end of standard support) |
2290 | +esm-infra/xenial_openssl: needs-triage |
2291 | +fips-updates/xenial_openssl: needs-triage |
2292 | +fips/xenial_openssl: needs-triage |
2293 | +bionic_openssl: ignored (end of standard support) |
2294 | +esm-infra/bionic_openssl: needs-triage |
2295 | +fips-updates/bionic_openssl: needs-triage |
2296 | +fips/bionic_openssl: needs-triage |
2297 | +focal_openssl: needs-triage |
2298 | +fips-updates/focal_openssl: needs-triage |
2299 | +fips/focal_openssl: needs-triage |
2300 | +jammy_openssl: released (1.1.2-1ubuntu6) |
2301 | +mantic_openssl: released (1.1.2-1ubuntu6) |
2302 | +devel_openssl: needs-triage |
2303 | + |
2304 | +Patches_openssl1.0: |
2305 | +upstream_openssl1.0: needs-triage |
2306 | +trusty_openssl1.0: DNE |
2307 | +xenial_openssl1.0: DNE |
2308 | +bionic_openssl1.0: ignored (end of standard support) |
2309 | +esm-infra/bionic_openssl1.0: needs-triage |
2310 | +focal_openssl1.0: DNE |
2311 | +jammy_openssl1.0: DNE |
2312 | +mantic_openssl1.0: DNE |
2313 | +devel_openssl1.0: DNE |
2314 | + |
2315 | +Patches_nodejs: |
2316 | +upstream_nodejs: needs-triage |
2317 | +trusty_nodejs: ignored (end of standard support) |
2318 | +trusty/esm_nodejs: not-affected (uses system openssl) |
2319 | +xenial_nodejs: not-affected (uses system openssl) |
2320 | +esm-apps/xenial_nodejs: needs-triage |
2321 | +bionic_nodejs: not-affected (uses system openssl1.0) |
2322 | +esm-apps/bionic_nodejs: needs-triage |
2323 | +focal_nodejs: not-affected (uses system openssl) |
2324 | +esm-apps/focal_nodejs: needs-triage |
2325 | +jammy_nodejs: needed |
2326 | +esm-apps/jammy_nodejs: needs-triage |
2327 | +mantic_nodejs: not-affected (uses system openssl) |
2328 | +devel_nodejs: not-affected (uses system openssl) |
2329 | + |
2330 | +Patches_edk2: |
2331 | +upstream_edk2: needs-triage |
2332 | +trusty_edk2: ignored (end of standard support) |
2333 | +xenial_edk2: ignored (end of standard support) |
2334 | +esm-apps/xenial_edk2: needs-triage |
2335 | +bionic_edk2: ignored (end of standard support) |
2336 | +esm-apps/bionic_edk2: needs-triage |
2337 | +focal_edk2: needs-triage |
2338 | +jammy_edk2: needs-triage |
2339 | +mantic_edk2: needs-triage |
2340 | +devel_edk2: needs-triage |
LGTM, thanks for this.
it is of great help that the fix script can now fix all complains at once, and much faster.