Merge lp:~wgrant/ubuntu-cve-tracker/mainold into lp:~ubuntu-security/ubuntu-cve-tracker/master

prepare to sync from USN database, update syntax and split out CVE loader

merge fujitsu's updates

added compiz, finished update logic

add list of reverted CVEs, give example in README, mark released CVEs

assign self to mono, perl

tweak dhcp entry a bit

merge from jdstrand

merge with fujitsu; small additional fixes; add --universe to report-todo

update report-todo-numbers to include universe report

CVE-2007-4033: note about embedded t1lib
merge with kees
CVE-2007-4033: retiring since tetex-bin links to t1lib and its fixed
ignore database.pickle

merge tests

drop test changes

Merged and update

add new CVEs
update boilerplate to use "linux" source
add limited debian pulling logic to check-cves (next up: pushing!)

CVE-2007-5935
CVE-2007-5936
CVE-2007-5937: updated with sync-from-usns.py

Adjusted the following files so you don't have to by in the 'active' directory
any more. Unfortunately, this may break your aliases, but it makes it more
intuitive and easier to extend.
  scripts/active_edit
  scripts/cve_need_retire
  scripts/cve_packages
  scripts/cve_status
  scripts/pkg_status
  scripts/report-todo
  scripts/report-todo-numbers
  scripts/ubuntu-table
  scripts/verify-report.pl

README: updated to reflect path changes

scripts/cve_need_retire: add the '-p' option to show the full path to the
  cve, so we can still do cool bzr tricks

add CVE-2007-5497 (e2fsprogs)

Embargo updates. See README for usage
 * active_edit, check-syntax, cve_lib.py, cve_status, pkg_status,
   ubuntu-table, and verify-report.pl all updated to support embargoed/
 * pkg_status and cve_status updated so don't hang if given an unsupported '-'
   option
 * added embargoed/ to .bzrignore (just so it doesn't show up in status)

scripts:
 * Use EMB- instead of UEM- for embargoed items
 * Be more flexible with name format of EMB-

check-cves: actually write ~.check-cves.rc

README: updated for new EMB- convention

README: use -N to wget
active_edit and ubutnu-table: clean up EMB- regex

allitems.xml.test: add a small cve db for testing
check-cves and active_edit: bug fixes for active/ migration

added cves from check-cves
check-cves: string changes
cve_packages: move to using 'unimportant'
ubuntu-table: move to using 'unimportant'

pkg_status: ignore grep output when checking package name

rsync updates (CVE-2007-6199 and CVE-2007-6200)

retired CVEs

report-todo:
 * don't pass $@ to ubuntu-table as it doesn't work with WANTED
 * add support for '-S'

CVE-2007-5398: new samba is in hardy now
report-todo: bugfix

CVE-2007-1320: added URL and Description
cve_packages: add weights
README: more examples of how to use cve_packages

cve_packages: add -S option (to skip 'devel')

samba: note that debian is now regression free
libgd2: assign to me
rsync: unassign myself (can re-assign later)

Don't require that embargoed items be named EMB-
Clean up embargoed item handling in reports.

report embargoed items in check-cves