Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu Kernel Team (http://www.linux-archive.org/ubuntu-kernel-team/)
-   -   cve-tracker: speed up CVE linkage, add more verbose output (http://www.linux-archive.org/ubuntu-kernel-team/535917-cve-tracker-speed-up-cve-linkage-add-more-verbose-output.html)

Kees Cook 06-06-2011 06:56 PM

cve-tracker: speed up CVE linkage, add more verbose output
 
We cannot safely use linkCVE due to LP: #439470. Instead, use comment
work-around to trigger attachment. Add more verbose output messages too.

Signed-off-by: Kees Cook <kees.cook@canonical.com>
---
stable/create-cve-tracker | 15 +++++++--------
1 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/stable/create-cve-tracker b/stable/create-cve-tracker
index 67af11e..16a8be2 100755
--- a/stable/create-cve-tracker
+++ b/stable/create-cve-tracker
@@ -183,18 +183,15 @@ class CreateCveTracker(StdApp):
print("https://bugs.launchpad.net/bugs/%s" % (bug.id))

try:
+ self.verbose("Updating tags ...
")
bug.tags.append('kernel-cve-tracking-bug')
+ self.verbose("Marking as security ...
")
bug.security_related = True

# Link the appropriate cve to the bug
- #
- found = False
- for cve in self.lp.launchpad.cves:
- if title in cve.display_name:
- found = True
- break
- if found:
- bug.lpbug.linkCVE(cve=cve)
+ # Cannot safely use 'linkCVE' due to LP: #439470
+ self.verbose("Linking to %s ..." % (title))
+ bug.add_comment(content=title)

lp = self.lp.launchpad
ubuntu = lp.distributions["ubuntu"]
@@ -203,7 +200,9 @@ class CreateCveTracker(StdApp):
self.verbose("Adding additional packages")
pkgs = ['linux-fsl-imx51', 'linux-mvl-dove', 'linux-lts-backport-maverick', 'linux-ti-omap4']
for p in pkgs:
+ self.verbose("Finding source package '%s' ..." % (p))
pkg = ubuntu.getSourcePackage(name=p)
+ self.verbose("Adding bug task for '%s' ..." % (p))
t = bug.lpbug.addTask(target=pkg)

# Nominate for all active series
--
1.7.4.1


--
Kees Cook
Ubuntu Security Team

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team

Brad Figg 06-06-2011 07:25 PM

cve-tracker: speed up CVE linkage, add more verbose output
 
On 06/06/2011 11:56 AM, Kees Cook wrote:

We cannot safely use linkCVE due to LP: #439470. Instead, use comment
work-around to trigger attachment. Add more verbose output messages too.

Signed-off-by: Kees Cook<kees.cook@canonical.com>
---
stable/create-cve-tracker | 15 +++++++--------
1 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/stable/create-cve-tracker b/stable/create-cve-tracker
index 67af11e..16a8be2 100755
--- a/stable/create-cve-tracker
+++ b/stable/create-cve-tracker
@@ -183,18 +183,15 @@ class CreateCveTracker(StdApp):
print("https://bugs.launchpad.net/bugs/%s" % (bug.id))

try:
+ self.verbose("Updating tags ...
")
bug.tags.append('kernel-cve-tracking-bug')
+ self.verbose("Marking as security ...
")
bug.security_related = True

# Link the appropriate cve to the bug
- #
- found = False
- for cve in self.lp.launchpad.cves:
- if title in cve.display_name:
- found = True
- break
- if found:
- bug.lpbug.linkCVE(cve=cve)
+ # Cannot safely use 'linkCVE' due to LP: #439470
+ self.verbose("Linking to %s ..." % (title))
+ bug.add_comment(content=title)

lp = self.lp.launchpad
ubuntu = lp.distributions["ubuntu"]
@@ -203,7 +200,9 @@ class CreateCveTracker(StdApp):
self.verbose("Adding additional packages")
pkgs = ['linux-fsl-imx51', 'linux-mvl-dove', 'linux-lts-backport-maverick', 'linux-ti-omap4']
for p in pkgs:
+ self.verbose("Finding source package '%s' ..." % (p))
pkg = ubuntu.getSourcePackage(name=p)
+ self.verbose("Adding bug task for '%s' ..." % (p))
t = bug.lpbug.addTask(target=pkg)

# Nominate for all active series


Applied and pushed.

--
Brad Figg brad.figg@canonical.com http://www.canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team


All times are GMT. The time now is 05:55 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.