Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: cec172d5 by Ola Lundqvist at 2019-02-10T15:55:32Z An alternative triage script that works if the json sync is not working. - - - - - 1 changed file: - + bin/lts-alt-cve-triage.sh Changes: ===================================== bin/lts-alt-cve-triage.sh ===================================== @@ -0,0 +1,38 @@ +#!/bin/sh +# Requires: +# wget, html2text + +WDB="https://deb.freexian.com/extended-lts/tracker/status/release/oldstable"; +ENF="data/dla-needed.txt" +OPF=$(tempfile) + +echo "Fetching tracker db from $WDB" +wget -O "$OPF" -q "$WDB" +html2text "$OPF" | grep "?$" | while read A B O ; do + if echo $A | grep -q -E "^(CVE|TEMP)-" ; then + CVE=$A + else + PACKAGE=$A + CVE=$B + fi + + # Sanitize package name for e.g. foo_(non-free) + PACKAGE=${PACKAGE%%_*} + + if echo "$PACKAGE" | grep -q '^[-a-zA-Z0-9_][-a-zA-Z0-9_.]*$' ; then + if [ -n "$CVE" ] ; then + if grep -q "^$PACKAGE[[:space:]](" $ENF ; then + echo "Supported $PACKAGE $CVE (Claimed)" + elif grep -q "^$PACKAGE$" $ENF ; then + echo "Supported $PACKAGE $CVE (Not claimed)" + else + echo "Supported $PACKAGE $CVE (Triage needed)" + fi + else + echo "Empty CVE for $PACKAGE" + fi + else + echo "Unknown characters in package name $PACKAGE." + fi +done +rm -f "$OPF" View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cec172d51bc647f5a51554bc3ffd882883650e52 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cec172d51bc647f5a51554bc3ffd882883650e52 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
