Author: neilm
Date: 2005-09-03 12:08:30 +0000 (Sat, 03 Sep 2005)
New Revision: 1792
Modified:
data/DTSA/dtsa
Log:
Fixed typos
Changed " " to tabs
Fixed trying to wite "cve" (list) into a string
Modified: data/DTSA/dtsa
==================================================================---
data/DTSA/dtsa 2005-09-03 12:01:36 UTC (rev 1791)
+++ data/DTSA/dtsa 2005-09-03 12:08:30 UTC (rev 1792)
@@ -16,191 +16,196 @@
announce_mail_address =
"secure-testing-announce@lists.alioth.debian.org"
def print_usage():
- print "dtsa [-a | -u] dtsa-id major number"
- print " -p Process a DTSA from a template"
- print " -u Update an existing DTSA from a template"
- sys.exit(-1)
+ print "dtsa [-a | -u] dtsa-id major number"
+ print " -p Process a DTSA from a template"
+ print " -u Update an existing DTSA from a template"
+ sys.exit(-1)
def process_dtsa(id):
- filename=glob.glob("advs/" + id + "-*.adv")
+ filename=glob.glob("advs/" + id + "-*.adv")
- src = ""
- date = ""
- vuln_type = ""
- cve = ""
- testing_fix = ""
- sid_fix = ""
- vendor_advisory = ""
- d = False
- descr = []
- author = ""
- scope = ""
- debian_specific = False
+ src = ""
+ date = ""
+ vuln_type = ""
+ cve = ""
+ testing_fix = ""
+ sid_fix = ""
+ vendor_advisory = ""
+ d = False
+ descr = []
+ author = ""
+ scope = ""
+ debian_specific = False
- dtsa_id = "DTSA-" + id + "-1"
-
- t_f = open(filename[0], "r")
- t_l = t_f.readlines()
+ dtsa_id = "DTSA-" + id + "-1"
+
+ t_f = open(filename[0], "r")
+ t_l = t_f.readlines()
- for i in t_l:
- if i.startswith("source:"):
- src = i[7:].strip()
- elif i.startswith("date:"):
- date = i[5:].strip()
- elif i.startswith("author:"):
- author = i[7:].strip()
- elif i.startswith("vendor-advisory:"):
- vendor_advisory = i[16:].strip()
- elif i.startswith("vuln-type:"):
- vuln_type = i[10:].strip()
- elif i.startswith("problem-scope:"):
- scope = i[14:].strip()
- elif i.startswith("debian-specific:"):
- if i[16:].strip() == "yes":
- debian_specific = True
- elif i.startswith("cve:"):
- cve = i[4:].strip().split(" ")
- elif i.startswith("testing-fix:"):
- testing_fix = i[12:].strip()
- elif i.startswith("sid-fix:"):
- sid_fix = i[8:].strip()
- elif d:
- descr.append(i.strip())
- elif i == "\n" and d == False:
- d = True
+ for i in t_l:
+ if i.startswith("source:"):
+ src = i[7:].strip()
+ elif i.startswith("date:"):
+ date = i[5:].strip()
+ elif i.startswith("author:"):
+ author = i[7:].strip()
+ elif i.startswith("vendor-advisory:"):
+ vendor_advisory = i[16:].strip()
+ elif i.startswith("vuln-type:"):
+ vuln_type = i[10:].strip()
+ elif i.startswith("problem-scope:"):
+ scope = i[14:].strip()
+ elif i.startswith("debian-specific:"):
+ if i[16:].strip() == "yes":
+ debian_specific = True
+ elif i.startswith("cve:"):
+ cve = i[4:].strip().split(" ")
+ elif i.startswith("testing-fix:"):
+ testing_fix = i[12:].strip()
+ elif i.startswith("sid-fix:"):
+ sid_fix = i[8:].strip()
+ elif d:
+ descr.append(i.strip())
+ elif i == "\n" and d == False:
+ d = True
- if len(cve) == 0:
- print "No CVE assignments seem to have been made for this
issue"
+ if len(cve) == 0:
+ print "No CVE assignments seem to have been made for this issue"
- print "There''s currently not yet support for an HTML
representation, but it will"
- print "be added soon."
- print
-
- export_ascii(src, date, vuln_type, cve, testing_fix, sid_fix, descr,
vendor_advisory, dtsa_id, 1, author, scope, debian_specific)
+ print "There''s currently not yet support for an HTML
representation, but it will"
+ print "be added soon."
+ print
+
+ export_ascii(src, date, vuln_type, cve, testing_fix, sid_fix, descr,
vendor_advisory, dtsa_id, 1, author, scope, debian_specific)
- print "A textual representation has been generated as", dtsa_id
- print "You can publish it with the sndadvisory script"
- print
-
- construct_dtsa_list(date, dtsa_id, cve, src, vuln_type, testing_fix)
+ print "A textual representation has been generated as", dtsa_id
+ print "You can publish it with the sndadvisory script"
+ print
+
+ construct_dtsa_list(date, dtsa_id, cve, src, vuln_type, testing_fix)
- print "Added new DTSA to the list of DTSAs"
- print
+ print "Added new DTSA to the list of DTSAs"
+ print
# This adds a published DTSA to the list, so that it can be cross-referenced
with DSAs and CVE IDs
def construct_dtsa_list(date, dtsa_id, cve, src, vuln_type, testing_fix):
- l_f = open(os.getcwd() + "/list", "a")
- # What do we need the date for?
- l_f.write("[01 Jan 1969] " + dtsa_id + " " + src +
" - " + vuln_type + "\n")
- l_f.write("\t{" + cve "}\n")
- l_f.write("\t- " + src + " " + testing_fix +
"\n")
- l_f.write("\tTODO: unreleased\n")
- l_f.close()
+ l_f = open(os.getcwd() + "/list", "a")
+ # What do we need the date for?
+ l_f.write("[01 Jan 1969] " + dtsa_id + " " + src + "
- " + vuln_type + "\n")
+ cves = ""
+ if len(cve) > 0:
+ for i in cve:
+ cves += i
+ cves += " "
+ l_f.write("\t{" + cves + "}\n")
+ l_f.write("\t- " + src + " " + testing_fix +
"\n")
+ l_f.write("\tTODO: unreleased\n")
+ l_f.close()
def export_html(src, data, vuln_type, cve, testing_fix, sid_fix, descr,
vendor_advisory, id, rev):
- pass
+ pass
def export_ascii(src, date, vuln_type, cve, testing_fix, sid_fix, descr,
vendor_advisory, id, rev, author, scope, debian_specific):
- ascii = open(os.getcwd() + "/" + id, "w")
+ ascii = open(os.getcwd() + "/" + id, "w")
- # FIXME, correct indents
-
ascii.write("------------------------------------------------------------------------------\n")
- ascii.write("Debian Testing Security Advisory "+ id +
((12-len(id))*" ") + " http://secure-testing.debian.net\n")
- ascii.write("secure-testing-team@lists.alioth.debian.org " +
((34-len(author))*" ") + author + "\n")
- ascii.write(date + "\n")
-
ascii.write("------------------------------------------------------------------------------\n")
- ascii.write("\n")
- ascii.write("Package : " + src + "\n")
- ascii.write("Vulnerability : " + vuln_type + "\n")
- ascii.write("Problem-Scope : " + scope + "\n")
- ascii.write("Debian-specific: " + yn(debian_specific) +
"\n")
-# if len(vendor_advisory) > 0:
-# ascii.write("Vendor advisory: " + vendor_advisory +
"\n")
-# else:
-# ascii.write("Vendor advisory: Not available\n")
- cves = "CVE ID : "
- if len(cve) > 0:
- for i in cve:
- cves += i
- cves += " "
- ascii.write(cves + "\n")
- else:
- ascii.write(cves + "None so far\n")
- ascii.write("\n")
- for i in descr:
- ascii.write(i + "\n")
- ascii.write("\n")
+ # FIXME, correct indents
+
ascii.write("------------------------------------------------------------------------------\n")
+ ascii.write("Debian Testing Security Advisory "+ id +
((12-len(id))*" ") + " http://secure-testing.debian.net\n")
+ ascii.write("secure-testing-team@lists.alioth.debian.org " +
((34-len(author))*" ") + author + "\n")
+ ascii.write(date + "\n")
+
ascii.write("------------------------------------------------------------------------------\n")
+ ascii.write("\n")
+ ascii.write("Package : " + src + "\n")
+ ascii.write("Vulnerability : " + vuln_type + "\n")
+ ascii.write("Problem-Scope : " + scope + "\n")
+ ascii.write("Debian-specific: " + yn(debian_specific) +
"\n")
+# if len(vendor_advisory) > 0:
+# ascii.write("Vendor advisory: " + vendor_advisory +
"\n")
+# else:
+# ascii.write("Vendor advisory: Not available\n")
+ cves = "CVE ID : "
+ if len(cve) > 0:
+ for i in cve:
+ cves += i
+ cves += " "
+ ascii.write(cves + "\n")
+ else:
+ ascii.write(cves + "None so far\n")
+ ascii.write("\n")
+ for i in descr:
+ ascii.write(i + "\n")
+ ascii.write("\n")
- ascii.write("For the testing distribution (etch) this is fixed in
version\n")
- ascii.write(testing_fix + "\n")
- ascii.write("\n")
+ ascii.write("For the testing distribution (etch) this is fixed in
version\n")
+ ascii.write(testing_fix + "\n")
+ ascii.write("\n")
- if len(sid_fix) > 0:
- ascii.write("For the unstable distribution (sid) this is fixed in
version\n")
- ascii.write(sid_fix + "\n")
- else:
- ascii.write("For the unstable distribution this problem will be
fixed soon\n")
- ascii.write("\n")
+ if len(sid_fix) > 0:
+ ascii.write("For the unstable distribution (sid) this is fixed in
version\n")
+ ascii.write(sid_fix + "\n")
+ else:
+ ascii.write("For the unstable distribution this problem will be fixed
soon\n")
+ ascii.write("\n")
- ascii.write("This upgrade is recommended if you use " + src +
".\n")
- ascii.write("\n")
+ ascii.write("This upgrade is recommended if you use " + src +
".\n")
+ ascii.write("\n")
- ascii.write("The Debian testing security team does not track security
issues for then\n")
- ascii.write("stable (sarge) and oldstable (woody) distributions. If
stable is vulnerable,\n")
- ascii.write("the Debian security team will make an announcement once a
fix is ready.\n")
- ascii.write("\n")
+ ascii.write("The Debian testing security team does not track security
issues for then\n")
+ ascii.write("stable (sarge) and oldstable (woody) distributions. If
stable is vulnerable,\n")
+ ascii.write("the Debian security team will make an announcement once a
fix is ready.\n")
+ ascii.write("\n")
- ascii.write("Upgrade Instructions\n")
- ascii.write("--------------------\n")
- ascii.write("\n")
+ ascii.write("Upgrade Instructions\n")
+ ascii.write("--------------------\n")
+ ascii.write("\n")
- ascii.write("To use the Debian testing security archive, add the
following lines to\n")
- ascii.write("your /etc/apt/sources.list:\n")
- ascii.write("\n")
- ascii.write("deb
http://secure-testing-mirrors.debian.net/debian-security-updates
etch-proposed-updates/security-updates main contrib non-free\n")
- ascii.write("deb-src
http://secure-testing-mirrors.debian.net/debian-security-updates
etch-proposed-updates/security-updates main contrib non-free\n")
- ascii.write("\n")
- ascii.write("The archive signing key can be downloaded from\n")
- ascii.write("http://secure-testing.debian.net/ziyi-2005-7.asc\n")
- ascii.write("\n")
+ ascii.write("To use the Debian testing security archive, add the
following lines to\n")
+ ascii.write("your /etc/apt/sources.list:\n")
+ ascii.write("\n")
+ ascii.write("deb
http://secure-testing-mirrors.debian.net/debian-security-updates
etch-proposed-updates/security-updates main contrib non-free\n")
+ ascii.write("deb-src
http://secure-testing-mirrors.debian.net/debian-security-updates
etch-proposed-updates/security-updates main contrib non-free\n")
+ ascii.write("\n")
+ ascii.write("The archive signing key can be downloaded from\n")
+ ascii.write("http://secure-testing.debian.net/ziyi-2005-7.asc\n")
+ ascii.write("\n")
- ascii.write("To install the update, run this command as root:\n")
- ascii.write("\n")
+ ascii.write("To install the update, run this command as root:\n")
+ ascii.write("\n")
- ascii.write("apt-get update && apt-get install "+ src +
"FIXME, I''m broken \n")
- ascii.write("\n")
+ ascii.write("apt-get update && apt-get install "+ src +
"FIXME, I''m broken \n")
+ ascii.write("\n")
- ascii.write("For further information about the Debian testing security
team, please refer\n")
- ascii.write("to http://secure-testing.debian.net/\n")
+ ascii.write("For further information about the Debian testing security
team, please refer\n")
+ ascii.write("to http://secure-testing.debian.net/\n")
- # FIXME, use python-crypto for inclusion of SHA-1 checksums
+ # FIXME, use python-crypto for inclusion of SHA-1 checksums
- print "ASCII representation has been exported"
+ print "ASCII representation has been exported"
def yn(v):
- if v:
- return "Yes"
- else:
- return "No"
+ if v:
+ return "Yes"
+ else:
+ return "No"
def update_dtsa():
- pass
+ pass
opts, pargs = getopt.getopt(sys.argv[1:], "up")
# FIXME, better cmdline error handling
if len(opts) < 1:
- print_usage()
+ print_usage()
if len(opts) != 1:
- print_usage()
+ print_usage()
if opts[0][0] == "-u":
- update_dtsa()
+ update_dtsa()
if opts[0][0] == "-p":
- process_dtsa(pargs[0].strip())
+ process_dtsa(pargs[0].strip())