Author: fw
Date: 2005-10-20 09:04:11 +0000 (Thu, 20 Oct 2005)
New Revision: 2491
Modified:
bin/tracker_service.py
Log:
r773@deneb: fw | 2005-10-20 10:42:35 +0200
bin/tracker_service.py (BugFilter):
New class.
(TrackerService):
Use it where applicable.
Modified: bin/tracker_service.py
==================================================================---
bin/tracker_service.py 2005-10-20 09:04:01 UTC (rev 2490)
+++ bin/tracker_service.py 2005-10-20 09:04:11 UTC (rev 2491)
@@ -14,6 +14,37 @@
import security_db
from web_support import *
+class BugFilter:
+ def __init__(self, params):
+ self.hide_medium_urgency =
int(params.get(''hide_medium_urgency'',
+ (0,))[0])
+ self.hide_non_remote =
int(params.get(''hide_non_remote'',
+ (0,))[0])
+
+ def actions(self, url):
+ """Returns a HTML snippet which can be used to change
the filter."""
+ if self.hide_medium_urgency:
+ urg = A(url.updateParams(hide_medium_urgency=None),
+ ''Show lower urgencies'')
+ else:
+ urg =
A(url.updateParams(hide_medium_urgency=''1''),
+ ''Hide lower urgencies'')
+ if self.hide_non_remote:
+ rem = A(url.updateParams(hide_non_remote=None),
+ ''Show local vulnerabilities'')
+ else:
+ rem = A(url.updateParams(hide_non_remote=''1''),
+ ''Hide local vulnerabilities'')
+ return P(urg, '' '', rem)
+
+ def urgencyFiltered(self, urg):
+ """Returns True if the urgency urg is
filtered."""
+ return self.hide_medium_urgency and urg not in ("high",
"unknown", "")
+
+ def remoteFiltered(self, remote):
+ """Returns True if the attack range is
filtered."""
+ return remote is not None and self.hide_non_remote and not remote
+
class TrackerService(WebService):
head_contents = compose(STYLE(
"""h1 { font-size : 144%; }
@@ -459,12 +490,19 @@
this package, but still reference it.""")])
def page_status_release_stable(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''''
for (pkg_name, bug_name, archive, urgency, remote) in \
self.db.cursor().execute(
"""SELECT package, bug, section, urgency, remote
FROM stable_status"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''''
else:
@@ -488,10 +526,13 @@
return self.create_page(
url, ''Vulnerable source packages in the stable
suite'',
- [make_table(gen(), caption=("Package", "Bug",
"Urgency",
+ [bf.actions(url),
+ make_table(gen(), caption=("Package", "Bug",
"Urgency",
"Remote"))])
def page_status_release_testing(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''''
for (pkg_name, bug_name, archive, urgency,
@@ -499,6 +540,11 @@
"""SELECT package, bug, section, urgency,
unstable_vulnerable,
testing_security_fixed, remote
FROM testing_status"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''''
else:
@@ -531,21 +577,31 @@
url, ''Vulnerable source packages in the testing
suite'',
[make_menu(url.scriptRelative,
("status/dtsa-candidates", "Candidates
for DTSAs")),
+ bf.actions(url),
make_table(gen(), caption=("Package", "Bug",
"Urgency",
"Remote"))])
def page_status_release_unstable(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''''
- for (pkg_name, bug_name, section, urgency) \
+ for (pkg_name, bug_name, section, urgency, remote) \
in self.db.cursor().execute(
"""SELECT DISTINCT sp.name, st.bug_name,
- sp.archive, st.urgency
+ sp.archive, st.urgency,
+ (SELECT range_remote FROM nvd_data
+ WHERE cve_name = st.bug_name)
FROM source_package_status AS st, source_packages AS sp
WHERE st.vulnerable AND st.urgency <>
''unimportant''
AND sp.rowid = st.package AND sp.release =
''sid''
AND sp.subrelease = ''''
ORDER BY sp.name, st.bug_name"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''''
else:
@@ -555,12 +611,19 @@
else:
pkg_name = self.make_xref(url, pkg_name)
+ if remote is None:
+ remote = ''''
+ elif remote:
+ remote = ''yes''
+ else:
+ remote = ''no''
+
if urgency == ''unknown'':
urgency = ''''
elif urgency == ''high'':
urgency = self.make_red(urgency)
- yield pkg_name, self.make_xref(url, bug_name), urgency
+ yield pkg_name, self.make_xref(url, bug_name), urgency, remote
return self.create_page(
@@ -570,12 +633,17 @@
fixed source version has been uploaded to the archive, even
if there are still some vulnerably binary packages present
in the archive."""),
- make_table(gen(), caption=(''Package'',
''Bug'', ''Urgency''))])
+ bf.actions(url),
+ make_table(gen(), caption=(''Package'',
''Bug'', ''Urgency'',
+ ''Remote''))])
def page_status_dtsa_candidates(self, path, params, url):
+ bf = BugFilter(params)
+
def gen():
old_pkg_name = ''''
- for (pkg_name, bug_name, archive, urgency, stable_later) \
+ for (pkg_name, bug_name, archive, urgency, stable_later,
+ remote) \
in self.db.cursor().execute(
"""SELECT package, bug, section, urgency,
(SELECT testing.version_id < stable.version_id
@@ -587,10 +655,17 @@
AND stable.name = testing_status.package
AND stable.release = ''sarge''
AND stable.subrelease = ''security''
- AND stable.archive = testing_status.section)
+ AND stable.archive = testing_status.section),
+ (SELECT range_remote FROM nvd_data
+ WHERE cve_name = bug)
FROM testing_status
WHERE (NOT unstable_vulnerable)
AND (NOT testing_security_fixed)"""):
+ if bf.urgencyFiltered(urgency):
+ continue
+ if bf.remoteFiltered(remote):
+ continue
+
if pkg_name == old_pkg_name:
pkg_name = ''''
migration = ''''
@@ -603,6 +678,13 @@
else:
pkg_name = self.make_source_package_ref(url, pkg_name)
+ if remote is None:
+ remote = ''''
+ elif remote:
+ remote = ''yes''
+ else:
+ remote = ''no''
+
if urgency == ''unknown'':
urgency = ''''
elif urgency == ''high'':
@@ -614,7 +696,7 @@
notes = ''''
yield (pkg_name, migration, self.make_xref(url, bug_name),
- urgency, notes)
+ urgency, remote, notes)
return self.create_page(
url, "Candidates for DTSAs",
@@ -625,8 +707,10 @@
make_menu(url.scriptRelative,
("status/release/testing",
"List of vulnerable packages in testing")),
+ bf.actions(url),
make_table(gen(),
- caption=("Package", "Migration",
"Bug", "Urgency"))])
+ caption=("Package", "Migration",
"Bug", "Urgency",
+ "Remote"))])
def page_status_todo(self, path, params, url):
def gen():