Author: fw Date: 2005-12-22 10:19:06 +0000 (Thu, 22 Dec 2005) New Revision: 3122
Modified: lib/python/security_db.py Log: lib/python/security_db.py (DB.calculateDebsecan): Check that a fixed package is actually available in sid, and do not trust the list files. Modified: lib/python/security_db.py =================================================================== --- lib/python/security_db.py 2005-12-22 09:21:30 UTC (rev 3121) +++ lib/python/security_db.py 2005-12-22 10:19:06 UTC (rev 3122) @@ -1251,6 +1251,8 @@ c.execute("""INSERT OR REPLACE INTO vulnlist SELECT bug_name, package, id FROM package_notes WHERE release = ?""", (release,)) + else: + release = 'sid' c.execute("""DELETE FROM vulnlist WHERE name LIKE 'FAKE-0000000-%'""") 
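Review bot: The new `else: release = 'sid'` branch rebinds `release` itself, so after this point a falsy `release` can no longer distinguish the unstable run from a named release. The two later tests visible in this patch are removed, but the code between the hunks is not shown, so any remaining `if release:` or `if not release:` check there would silently change meaning and should be confirmed. A short comment on the branch would make the intent explicit, for example `# No release requested: unstable is queried and stored under the name 'sid'.` The `else` presumably pairs with an `if release:` that starts outside the hunk.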
@@ -1286,38 +1288,34 @@ # release. fix_available = ' ' - if release: - fix_available = ' ' - if kind == 'source': - fix_available_sql = """SELECT st.vulnerable - FROM source_packages AS p, source_package_status AS st - WHERE p.name = ? - AND p.release = ? - AND p.subrelease IN ('', 'security') - AND st.bug_name = ? - AND st.package = p.rowid - ORDER BY p.version COLLATE version DESC""" - elif kind == 'binary': - fix_available_sql = """SELECT st.vulnerable - FROM binary_packages AS p, binary_package_status AS st - WHERE p.name = ? - AND p.release = ? - AND p.subrelease IN ('', 'security') - AND st.bug_name = ? - AND st.package = p.rowid - ORDER BY p.version COLLATE version DESC""" - else: - fix_available_sql = '' + if kind == 'source': + fix_available_sql = """SELECT st.vulnerable + FROM source_packages AS p, source_package_status AS st + WHERE p.name = ? + AND p.release = ? + AND p.subrelease IN ('', 'security') + AND st.bug_name = ? + AND st.package = p.rowid + ORDER BY p.version COLLATE version DESC""" + elif kind == 'binary': + fix_available_sql = """SELECT st.vulnerable + FROM binary_packages AS p, binary_package_status AS st + WHERE p.name = ? + AND p.release = ? + AND p.subrelease IN ('', 'security') + AND st.bug_name = ? + AND st.package = p.rowid + ORDER BY p.version COLLATE version DESC""" + else: + fix_available_sql = '' - if fix_available_sql: - for (v,) in c.execute(fix_available_sql, - (package, release, name)): - assert v is not None - if not v: - fix_available = 'F' - break - elif fixed_version <> '': - fix_available = 'F' + if fix_available_sql: + for (v,) in c.execute(fix_available_sql, + (package, release, name)): + assert v is not None + if not v: + fix_available = 'F' + break if kind == 'source': kind = 'S' 
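Review bot: `assert v is not None` in the `for (v,) in c.execute(fix_available_sql, ...)` loop is the only guard against a NULL `vulnerable` status, and assertions are stripped when Python runs with `-O`. A NULL row would then satisfy `if not v` and the entry would be written with `fix_available = 'F'`, so consumers of the debsecan data would be told a fix exists when the status is actually unknown. An explicit check keeps the guard in every mode: `if v is None: raise ValueError('no vulnerable status for %s (%s)' % (package, name))`. The two SQL strings differ only in the table names, so a single template filled in per `kind` would keep the source and binary queries from drifting apart. The enclosing function begins and ends outside this hunk.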
@@ -1340,8 +1338,6 @@ package, fixed_version, description)) result = base64.encodestring(zlib.compress(''.join(result), 9)) - if not release: - release = 'sid' c.execute( "INSERT OR REPLACE INTO debsecan_data (name, data) VALUES (?, ?)", ('release/' + release, result)) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits