ubuntu-security-tools

Merge ubuntu-security-tools:umt-upload-cve-detection into ubuntu-security-tools:master

  1. Git
  2. lp:ubuntu-security-tools
  3. umt-upload-cve-detection
  4. Merge into master
Proposed by Mike Salvatore
Status: Merged
Merged at revision: e5a48ab99bfed924cd31928122c4e6204b90abfa
Proposed branch: ubuntu-security-tools:umt-upload-cve-detection
Merge into: ubuntu-security-tools:master
Diff against target: 18 lines (+3/-4)
1 file modified
build-tools/umt (+3/-4)
Reviewer Review Type Date Requested Status
Alex Murray Pending
Marc Deslauriers Pending
Review via email: mp+391517@code.launchpad.net

Description of the change

When performing a fakesync of netqmail, the changelog entry from debian looked like:

  * Address CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811 and
    CVE-2020-3812 (Closes: #961060)

The current code only finds CVE-2005-1513 and CVE-2020-3812. The other 3 CVEs are not detected. This change enables umt to detect CVEs in changelogs like the above.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/build-tools/umt b/build-tools/umt
index fc1382d..653d709 100755
--- a/build-tools/umt
+++ b/build-tools/umt
@@ -2930,10 +2930,9 @@ def parse_changes_file(changes_file):
2930 details['distribution'] = line.strip().split()[1]2930 details['distribution'] = line.strip().split()[1]
2931 details['pocket'] = 'release'2931 details['pocket'] = 'release'
2932 else:2932 else:
2933 match = re.search(r'\bCVE-[0-9]{4}-[0-9]+\b', line)2933 cves = re.findall(r'\bCVE-[0-9]{4}-[0-9]+\b', line)
2934 if match is not None:2934 if cves:
2935 cve = match.group(0)2935 details['cves'].update(set(cves))
2936 details['cves'].add(cve)
29372936
2938 # Handle epoch2937 # Handle epoch
2939 if ':' in details['version']:2938 if ':' in details['version']:

Subscribers

People subscribed via source and target branches