Secure testing commits - Dec 2004 - r161 - sarge-checks/CAN

Author: joeyh
Date: 2004-12-03 13:01:16 -0700 (Fri, 03 Dec 2004)
New Revision: 161

Modified:
   sarge-checks/CAN/list
   sarge-checks/CAN/update.pl
Log:
fix some bugs
add missing cans to the list


Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2004-12-03 19:49:16 UTC (rev 160)
+++ sarge-checks/CAN/list	2004-12-03 20:01:16 UTC (rev 161)
@@ -1,3 +1,113 @@
+CAN-2004-1120
+	TODO: check
+CAN-2004-1119
+	TODO: check
+CAN-2004-1118
+	TODO: check
+CAN-2004-1117
+	TODO: check
+CAN-2004-1116
+	TODO: check
+CAN-2004-1115
+	TODO: check
+CAN-2004-1114
+	TODO: check
+CAN-2004-1113
+	TODO: check
+CAN-2004-1112
+	TODO: check
+CAN-2004-1111
+	TODO: check
+CAN-2004-1110
+	TODO: check
+CAN-2004-1109
+	TODO: check
+CAN-2004-1108
+	TODO: check
+CAN-2004-1107
+	TODO: check
+CAN-2004-1106
+	TODO: check
+CAN-2004-1105
+	TODO: check
+CAN-2004-1104
+	TODO: check
+CAN-2004-1103
+	TODO: check
+CAN-2004-1102
+	TODO: check
+CAN-2004-1101
+	TODO: check
+CAN-2004-1100
+	TODO: check
+CAN-2004-1099
+	TODO: check
+CAN-2004-1098
+	TODO: check
+CAN-2004-1097
+	TODO: check
+CAN-2004-1096
+	TODO: check
+CAN-2004-1095
+	TODO: check
+CAN-2004-1094
+	TODO: check
+CAN-2004-1093
+	NOTE: reserved
+CAN-2004-1092
+	NOTE: reserved
+CAN-2004-1091
+	NOTE: reserved
+CAN-2004-1090
+	NOTE: reserved
+CAN-2004-1089
+	NOTE: reserved
+CAN-2004-1088
+	NOTE: reserved
+CAN-2004-1087
+	NOTE: reserved
+CAN-2004-1086
+	NOTE: reserved
+CAN-2004-1085
+	NOTE: reserved
+CAN-2004-1084
+	NOTE: reserved
+CAN-2004-1083
+	NOTE: reserved
+CAN-2004-1082
+	NOTE: reserved
+CAN-2004-1081
+	NOTE: reserved
+CAN-2004-1080
+	TODO: check
+CAN-2004-1079
+	TODO: check
+CAN-2004-1078
+	NOTE: reserved
+CAN-2004-1077
+	NOTE: reserved
+CAN-2004-1076
+	NOTE: reserved
+CAN-2004-1075
+	TODO: check
+CAN-2004-1074
+	TODO: check
+CAN-2004-1073
+	TODO: check
+CAN-2004-1072
+	TODO: check
+CAN-2004-1071
+	TODO: check
+CAN-2004-1070
+	TODO: check
+CAN-2004-1069
+	TODO: check
+CAN-2004-1068
+	TODO: check
+CAN-2004-1067
+	NOTE: reserved
+CAN-2004-1066
+	NOTE: reserved
 CAN-2004-1065
 	NOTE: reserved
 CAN-2004-1064
@@ -552,7 +662,6 @@
 	NOTE: not-for-us (Apple)
 CAN-2004-0820
 	NOTE: not-for-us (winamp)
-
 CAN-2004-0819
 	NOTE: not-for-us (openbsd)
 CAN-2004-0818
@@ -1451,7 +1560,6 @@
 CAN-2004-0399
 	{DSA-502 DSA-501}
 	- exim 3.36-11
-
 begin claimed by greuff-guest (due 31 Oct)
 CAN-2004-0398
 	{DSA-507 DSA-506}
@@ -1514,9 +1622,7 @@
 	{DSA-477}
 CAN-2004-0371
 	{DSA-476}
-
 end claimed by greuff-guest
-
 CAN-2004-0370
 	NOTE: not-for-us (KAME)
 CAN-2004-0369
@@ -1645,9 +1751,7 @@
 	NOTE: not-for-us (OWLS 1.0)
 CAN-2004-0301
 	NOTE: not-for-us (Online Store Kit)
-
 begin claimed by greuff-guest
-
 CAN-2004-0300
 	NOTE: not-for-us (Online Store Kit)
 CAN-2004-0299
@@ -1879,7 +1983,7 @@
 	NOTE: fixed in 2.4.26-pre4
 CAN-2004-0176
 	- ethereal 0.10.3-1
-CAN-2004-0175 
+CAN-2004-0175
 	NOTE: very low
 	- openssh (unfixed; bug #270770)
 	NOTE: this bug is old and known; see the bug discussion for further
information.
@@ -2168,11 +2272,8 @@
 CAN-2004-0003
 	{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
 	NOTE: fixed in 2.4.26-rc4
-
 end claimed by greuff-guest
-
 begin claimed by pdwerryh-guest
-
 CAN-2004-0002
 	NOTE: not-for-us (FreeBSD netinet)
 CAN-2003-1565
@@ -2237,7 +2338,7 @@
 	NOTE: not-for-us (solaris)
 CAN-2003-1023
 	{DSA-424}
-CAN-2003-1022,
+CAN-2003-1022
 	{DSA-416}
 CAN-2003-1021
 	NOTE: reserved
@@ -2275,9 +2376,7 @@
 	NOTE: not-for-us (Apple)
 CAN-2003-1005
 	NOTE: reserved
-
 end claimed by pdwerryh-guest
-
 CAN-2003-1004
 	NOTE: not-for-us (Cisco)
 CAN-2003-1003
@@ -2351,6 +2450,8 @@
 	NOTE: buffer overflow apparently fixed in freeradius 1.0.1
 CAN-2003-0967
 	- freeradius 0.9.2-4
+CAN-2003-0996
+	TODO: check
 CAN-2003-0965
 	{DSA-436}
 CAN-2003-0964
@@ -2479,9 +2580,7 @@
 	{DSA-402}
 CAN-2003-0901
 	{DSA-397}
-
 begin claimed by pdwerryh-guest 
-
 CAN-2003-0900
 	NOTE: reserved
 CAN-2003-0899
@@ -2699,9 +2798,7 @@
 	NOTE: not-for-us (Nokia)
 CAN-2003-0801
 	NOTE: not-for-us (Nokia)
-
 end claimed by pdwerryh-guest 
-
 CAN-2003-0800
 	NOTE: reserved
 CAN-2003-0799
@@ -3692,9 +3789,9 @@
 	{DSA-298 DSA-291}
 CAN-2003-0322
 	{DSA-306}
+CAN-2003-0321
+	{DSA-306}
 CAN-2003-0320
-	TODO: check
-CAN-2003-0320
 	NOTE: not-for-us (ttCMS)
 CAN-2003-0319
 	NOTE: not-for-us (SmartMax MailMax)
@@ -4260,9 +4357,7 @@
 	NOTE: reserved
 CAN-2003-0005
 	NOTE: reserved
-
 begin claimed by pdwerryh-guest
-
 CAN-2003-0001
 	{DSA-442 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311}
 CAN-2002-1583
@@ -4738,9 +4833,7 @@
 	NOTE: reserved
 CAN-2002-1301
 	NOTE: reserved
-
 end claimed by pdwerryh-guest
-
 CAN-2002-1300
 	NOTE: reserved
 CAN-2002-1299
@@ -4843,10 +4936,8 @@
 	{DSA-177}
 CAN-2002-1226
 	{DSA-178}
-CAN-2002-1225,
+CAN-2002-1225
 	{DSA-178}
-CAN-2002-1225
-	TODO: check
 CAN-2002-1221
 	{DSA-196}
 CAN-2002-1220
@@ -4907,7 +4998,7 @@
 	TODO: check
 CAN-2002-1176
 	TODO: check
-CAN-2002-1175,
+CAN-2002-1175
 	{DSA-171}
 CAN-2002-1175
 	TODO: check
@@ -5545,9 +5636,11 @@
 	{DSA-136}
 CAN-2002-0656
 	{DSA-136}
+CAN-2002-0655
+	{DSA-136}
 
 STOP: this is approximatly the release of woody, so we can stop here
-	
+
 CAN-2002-0654
 	- apache2 2.0.40
 CAN-2002-0652
@@ -5730,13 +5823,13 @@
 CAN-2002-0390
 	NOTE: reserved
 CAN-2002-0388
-	NOTE: covered by DSA-147
+	{DSA-147}
 CAN-2002-0386
 CAN-2002-0385
 CAN-2002-0383
 	NOTE: reserved
 CAN-2002-0380
-	NOTE: covered by DSA-255
+	{DSA-255}
 CAN-2002-0378
 CAN-2002-0375
 CAN-2002-0371
@@ -5889,7 +5982,7 @@
 CAN-2002-0177
 CAN-2002-0165
 CAN-2002-0164
-	NOTE: covered by DSA-380
+	{DSA-380}
 CAN-2002-0162
 CAN-2002-0161
 	NOTE: reserved
@@ -5953,7 +6046,7 @@
 CAN-2002-0031
 CAN-2002-0030
 CAN-2002-0029
-	NOTE: covered by DSA-196
+	{DSA-196}
 CAN-2002-0019
 	NOTE: reserved
 CAN-2002-0016
@@ -6218,6 +6311,7 @@
 CAN-2001-1040
 CAN-2001-1039
 CAN-2001-1034
+	{DSA-148}
 CAN-2001-1033
 CAN-2001-1031
 CAN-2001-1026
@@ -6285,7 +6379,7 @@
 CAN-2001-0931
 CAN-2001-0930
 CAN-2001-0928
-	NOTE: covered by DSA-301
+	{DSA-301}
 CAN-2001-0927
 CAN-2001-0926
 CAN-2001-0925
@@ -6722,7 +6816,7 @@
 CAN-2001-0133
 CAN-2001-0132
 CAN-2001-0131
-	NOTE: covered by DSA-187
+	{DSA-195 DSA-188 DSA-187}
 CAN-2001-0127
 CAN-2001-0114
 CAN-2001-0113

Modified: sarge-checks/CAN/update.pl
==================================================================---
sarge-checks/CAN/update.pl	2004-12-03 19:49:16 UTC (rev 160)
+++ sarge-checks/CAN/update.pl	2004-12-03 20:01:16 UTC (rev 161)
@@ -50,49 +50,45 @@
 	}
 }
 close FULL_CAN;
-#foreach my $can (reverse sort { $cans{$a}{can} cmp $cans{$b}{can} } keys
%cans) {
-#	next unless $listedcans{$can};
-#	print "$can\n";
-#	if ($cans{$can}{reserved}) {
-#		print "\tNOTE: reserved\n";
-#	}
-#	if ($cans{$can}{rejected}) {
-#		print "\tNOTE: rejected\n";
-#	}
-#	if ($cans{$can}{dsa}) {
-#		print "\t{".join(" ",
@{$cans{$can}{dsa}})."}\n";
-#	}
-#}
 
+my $stopped=0;
+my @out;
+
+sub docan {
+	my $can=shift;	
+	
+	push @out, "$can".(length $cans{$can}{description} ? "
".$cans{$can}{description} : "")."\n";
+	if ($cans{$can}{reserved}) {
+		push @out, "\tNOTE: reserved\n";
+	}
+	if ($cans{$can}{rejected}) {
+		push @out, "\tNOTE: rejected\n";
+	}
+	if ($cans{$can}{dsa}) {
+		push @out, "\t{".join(" ",
@{$cans{$can}{dsa}})."}\n";
+	}
+	if ($cans{$can}{notes}) {
+		foreach (@{$cans{$can}{notes}}) {
+			push @out, "\t$_\n";
+		}
+	}
+	if (! $cans{$can}{reserved} && ! $cans{$can}{rejected} &&
+	    ! $cans{$can}{dsa} && ! $cans{$can}{notes} &&
+	    ! $stopped) {
+		push @out, "\tTODO: check\n";
+	}
+		
+	delete $cans{$can};
+}
+
 open (IN, "<$our_list") || die "$our_list: $!\n";
 my $can;
 while (<IN>) {
 	chomp;
-	if (/^((?:CAN|CVE)-.*)/) {
-		if ($can) {
-			print "$can\n";
-			if ($cans{$can}{reserved}) {
-				print "\tNOTE: reserved\n";
-			}
-			if ($cans{$can}{rejected}) {
-				print "\tNOTE: rejected\n";
-			}
-			if ($cans{$can}{dsa}) {
-				print "\t{".join(" ",
@{$cans{$can}{dsa}})."}\n";
-			}
-			if ($cans{$can}{notes}) {
-				foreach (@{$cans{$can}{notes}}) {
-					print "\t$_\n";
-				}
-			}
-			if (! $cans{$can}{reserved} && ! $cans{$can}{rejected} &&
-			    ! $cans{$can}{dsa} && ! $cans{$can}{notes}) {
-				print "\tTODO: check\n";
-			}
-			
-			delete $cans{$can};
-		}
+	if (/^((?:CAN|CVE)-[-0-9]*)\s*(.*)/) {
+		docan($can) if $can;
 		$can=$1;
+		$cans{$can}{description}=$2 if length $2;
 	}
 	elsif (/^\s+NOTE:\s*(reserved|rejected)\s*$/) {
 		# skip it
@@ -100,19 +96,42 @@
 	elsif (/^\s+NOTE: covered by DSA.*/) {
 		# skip it (old form)
 	}
+	elsif (/^\s+{DSA.*/) {
+		# skip
+	}
 	elsif (/^\s+(.*)/ && $can) {
 		push @{$cans{$can}{notes}}, $1;
 	}
 	elsif (/^STOP/) {
-		print "$_\n";
-		last;
+		push @out, "$_\n";
+		$stopped=1;
+		docan($can) if $can;
+		$can='''';
 	}
 	else {
-		print "$_\n";
+		push @out, "$_\n" if length $_;
+		docan($can) if $can;
+		$can='''';
 	}
 }
-# Print out anything after a STOP marker.
-while (<IN>) {
-	print $_;
+close IN;
+docan($can) if $can;
+
+foreach my $can (reverse sort { $cans{$a}{can} cmp $cans{$b}{can} } keys %cans)
{
+	next unless $listedcans{$can};
+	print "$can\n";
+	if ($cans{$can}{reserved}) {
+		print "\tNOTE: reserved\n";
+	}
+	if ($cans{$can}{rejected}) {
+		print "\tNOTE: rejected\n";
+	}
+	if ($cans{$can}{dsa}) {
+		print "\t{".join(" ",
@{$cans{$can}{dsa}})."}\n";
+	}
+	if (!$cans{$can}{reserved} || $cans{$can}{rejected} || $cans{$can}{dsa}) {
+		print "\tTODO: check\n";
+	}
 }
-close IN;
+
+print @out;