Author: geissert
Date: 2012-08-20 02:21:33 +0000 (Mon, 20 Aug 2012)
New Revision: 19985
Modified:
bin/report-vuln
Log:
Add --no-blanks option and default to not specifying a Version
Modified: bin/report-vuln
==================================================================---
bin/report-vuln 2012-08-20 01:51:00 UTC (rev 19984)
+++ bin/report-vuln 2012-08-20 02:21:33 UTC (rev 19985)
@@ -106,7 +106,7 @@
return ret + ''\n''
-def gen_text(pkg, cveid):
+def gen_text(pkg, cveid, include_version = False, severity =
''FILLINSEVERITY''):
vuln_suff = ''y''
cve_suff = ''''
time_w = ''was''
@@ -117,14 +117,15 @@
vuln_suff = ''ies''
time_w = ''were''
- header = ''''''Package: %s
-Version: FILLINAFFECTEDVERSION
-Severity: FILLINSEVERITY
+ header = ''''''Package:
%s\n'''''' % (pkg)
+ if include_version:
+ header += ''Version: FILLINAFFECTEDVERSION\n''
+ header += ''''''Severity: %s
Tags: security
Hi,
the following vulnerabilit%s %s published for %s.
-'''''' % (pkg, vuln_suff, time_w, pkg)
+'''''' % (severity, vuln_suff, time_w, pkg)
footer = ''''''If you fix the vulnerabilit%s please
also make sure to include the
CVE (Common Vulnerabilities & Exposures) id%s in your changelog entry.
@@ -152,20 +153,31 @@
print
''\nhttp://security-tracker.debian.org/tracker/source-package/%s''
% (pkg)
print ''(issues without CVE id are assigned a TEMP one, but it may
change over time)\n''
+ if not include_version:
+ print ''''''Please adjust the affected versions in
the BTS as needed.\n''''''
+
def error(msg):
print ''error: '' + msg
sys.exit(1)
def usage():
- print sys.argv[0], ''<pkg> <cve id(s)>''
+ print sys.argv[0], ''[--no-blanks] <pkg> <cve
id(s)>''
sys.exit(0)
def main():
if len(sys.argv) < 3:
usage()
- pkg = sys.argv[1]
- cve = sys.argv[2:]
+ blanks = True
+ if sys.argv[1] == ''--no-blanks'':
+ if len(sys.argv) < 4:
+ usage()
+ blanks = False
+ pkg = sys.argv[2]
+ cve = sys.argv[3:]
+ else:
+ pkg = sys.argv[1]
+ cve = sys.argv[2:]
# check for valid parameters
p = re.compile(''^[a-z].*'')
@@ -178,7 +190,10 @@
if not c.match(arg) and not temp_id.match(arg):
error(arg + '' does not seem to be a valid CVE id'')
- gen_text(pkg, cve)
+ if blanks:
+ gen_text(pkg, cve)
+ else:
+ gen_text(pkg, cve, False, ''grave'')
if __name__ == ''__main__'':
main()