Author: fw
Date: 2005-12-23 15:22:49 +0000 (Fri, 23 Dec 2005)
New Revision: 3132
Modified:
lib/python/security_db.py
Log:
lib/python/security_db.py (DB.calculateDebsecan1):
Optimize vulnerability list. Further tweaks to urgency handling:
''unimportant'' does not trump ''unknown''.
Modified: lib/python/security_db.py
==================================================================---
lib/python/security_db.py 2005-12-23 14:10:50 UTC (rev 3131)
+++ lib/python/security_db.py 2005-12-23 15:22:49 UTC (rev 3132)
@@ -1364,9 +1364,10 @@
WHERE cve_name = p.bug_name)
FROM package_notes AS p, bugs AS b
WHERE p.urgency <> ''unimportant''
+ AND COALESCE(p.fixed_version, '''') <>
''0''
AND name NOT LIKE ''FAKE-0000000-%''
+ AND p.package_kind IN (''source'',
''binary'', ''unknown'')
AND b.name = p.bug_name
- AND p.package_kind IN (''source'',
''binary'', ''unknown'')
ORDER BY p.bug_name"""):
if remote is None:
remote = ''?''
@@ -1406,7 +1407,7 @@
ORDER BY package, bug_name""")):
unstable_fixed = ''0''
- total_urgency = ''unknown''
+ total_urgency = ''''
other_versions = {}
is_binary = False
is_unknown = False
@@ -1415,12 +1416,14 @@
"""SELECT release, package_kind, urgency,
fixed_version
FROM package_notes WHERE bug_name = ? AND package =
?""",
(bug, package))):
- if total_urgency <> ''unknown'':
+ if not total_urgency:
+ total_urgency = urgency
+ elif total_urgency <> ''unknown'':
if urgency <> ''unknown'' \
and bugs.internUrgency(urgency) \
> bugs.internUrgency(total_urgency):
total_urgency = urgency
- else:
+ elif total_urgency <>
''unimportant'':
total_urgency = urgency
if kind == ''binary'':
@@ -1464,6 +1467,9 @@
if debian_support.Version(v) > v_ref:
other_versions[v] = True
+ if not total_urgency:
+ total_urgency = ''unknown''
+
# Check if the issue does not actually mark any packages
# as vulnerable.
if total_urgency == ''unimportant'' \