Re: [Spacewalk-devel] Custom Errata Creation - CVEs - v1.4

Fri, 12 Aug 2011 07:28:35 -0700 

Oh, I am sorry. Somehow I checked the code wrong.

So, I'll try again.
...
        if (details.containsKey("cves")) {
            if (errata.getCves() != null) {
                errata.getCves().clear();
                HibernateFactory.getSession().flush();
            }
            for (String cveName : (ArrayList<String>) details.get("cves")) {
                Cve c = CveFactory.lookupByName(cveName);
                if (c == null) {
                    c = new Cve();
                    c.setName(cveName);
                    CveFactory.save(c);
                }
                errata.getCves().add(c);
            }
        }
...
If "cves" is included in the xmlrpc struct, currently associated CVEs will be 
detached from the erratum (and if not further referenced also completely 
deleted).
Then, either the CVE will be found in the DB or a new one *will* be created.
I admit the code isn't perfect, but shall work.

I tested errata.setDetails API on latest nightly and I was able to associate 
completely new CVEs within an erratum.

I am not sure, what is the situation on Spacewalk 1.4, but we recommend to 
upgrade to latest released version.

Regards,
Tomas
--
Tomas Lestach
RHN Satellite Engineering, Red Hat



----- Original Message -----
> From: "Tomas Lestach" <tlest...@redhat.com>
> To: spacewalk-devel@redhat.com
> Cc: "Colin Coe" <colin....@gmail.com>
> Sent: Friday, August 12, 2011 10:49:15 AM
> Subject: Re: [Spacewalk-devel] Custom Errata Creation - CVEs - v1.4
> 
> Hmm, according to the code it looks like you can reference only those
> CVEs, that are already in the system. (So, f.e. that were created by
> syncing errata from RHN.)
> Am I correct, Colin?
> 
> Regards,
> Tomas
> --
> Tomas Lestach
> RHN Satellite Engineering, Red Hat
> 
> 
> ----- Original Message -----
> > From: "Andy Speagle" <andy.spea...@wichita.edu>
> > To: spacewalk-devel@redhat.com
> > Sent: Thursday, August 11, 2011 11:35:56 PM
> > Subject: [Spacewalk-devel] Custom Errata Creation - CVEs - v1.4
> > 
> > 
> > 
> > 
> > 
> > Team,
> > 
> > 
> > 
> > I’m having some trouble associating CVEs with errata via the API. I
> > think perhaps I’m missing something. I’m simply calling:
> > 
> > 
> > 
> > errata.setDetails
> > 
> > 
> > 
> > I’m feeding it the advisory name and a struct build of { ‘cves’:
> > [array of strings] } … and it’s blowing up on me like this:
> > 
> > 
> > 
> > [2011-08-11 16:25:47,080] ERROR - REQUESTED FROM: *callerIp* CALL:
> > errata.setDetails(199661x8c9f02b2a069f14a62ff8968eae8776d,
> > RHSA-2011:1144:R5-32-S, {cves=[CVE-2011-2130, CVE-2011-2134,
> > CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138,
> > CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415,
> > CVE-2011-2416, CVE-2011-2417, CVE-2011-2425]}) CALLER: (unixadmin)
> > TIME: 0.029 seconds
> > 
> > redstone.xmlrpc.XmlRpcFault: unhandled internal exception:
> > Executing
> > query Cve.lookupByName with params {name=CVE-2011-2134} failed
> > 
> > at
> > com.redhat.rhn.frontend.xmlrpc.BaseHandler.invoke(BaseHandler.java:131)
> > 
> > at
> > redstone.xmlrpc.XmlRpcDispatcher.dispatch(XmlRpcDispatcher.java:123)
> > 
> > at
> > com.redhat.rhn.frontend.xmlrpc.RhnXmlRpcServer.execute(RhnXmlRpcServer.java:53)
> > 
> > at
> > com.redhat.rhn.frontend.xmlrpc.XmlRpcServlet.doPost(XmlRpcServlet.java:162)
> > 
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> > 
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> > 
> > at
> > com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:142)
> > 
> > at
> > com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:58)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> > 
> > at
> > com.redhat.rhn.frontend.servlets.LocalizedEnvironmentFilter.doFilter(LocalizedEnvironmentFilter.java:67)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> > 
> > at
> > com.redhat.rhn.frontend.servlets.EnvironmentFilter.doFilter(EnvironmentFilter.java:108)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> > 
> > at
> > com.redhat.rhn.frontend.servlets.SessionFilter.doFilter(SessionFilter.java:55)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> > 
> > at
> > com.redhat.rhn.frontend.servlets.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:97)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> > 
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> > 
> > at
> > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
> > 
> > at
> > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> > 
> > at
> > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> > 
> > at
> > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> > 
> > at
> > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> > 
> > at
> > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
> > 
> > at
> > org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
> > 
> > at
> > org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
> > 
> > at
> > org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:775)
> > 
> > at
> > org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:704)
> > 
> > at
> > org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:897)
> > 
> > at
> > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
> > 
> > at java.lang.Thread.run(Thread.java:662)
> > 
> > 
> > 
> > I’m confused about this… Executing query Cve.lookupByName with
> > params
> > {name=CVE-2011-2134} … I don’t see any other way to add CVEs to
> > Spacewalk, so I’m confused about what it’s trying to do here…
> > 
> > 
> > 
> > Can someone clue me in?
> > 
> > 
> > 
> > Andy Speagle
> > 
> > System & Storage Administrator
> > 
> > UCATS - Wichita State University
> > 
> > 
> > 
> > P: 316.978.3869
> > 
> > C: 316.617.2431
> > 
> > 
> > _______________________________________________
> > Spacewalk-devel mailing list
> > Spacewalk-devel@redhat.com
> > https://www.redhat.com/mailman/listinfo/spacewalk-devel
> 
> _______________________________________________
> Spacewalk-devel mailing list
> Spacewalk-devel@redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-devel

_______________________________________________
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel

Reply via email to