Secure testing commits - Jan 2010 - r13703 - lib/python

Author: gilbert-guest
Date: 2010-01-03 17:25:10 +0000 (Sun, 03 Jan 2010)
New Revision: 13703

Modified:
   lib/python/security_db.py
Log:
previous commit is likely insufficient.   the problem was that the variable
''status'' was being used in two different contexts.  using two
different
variables now.


Modified: lib/python/security_db.py
==================================================================---
lib/python/security_db.py	2010-01-03 15:54:25 UTC (rev 13702)
+++ lib/python/security_db.py	2010-01-03 17:25:10 UTC (rev 13703)
@@ -1203,9 +1203,9 @@
                 VALUES (?, ''unstable'', ?,
?)""", (bug_name, status, pkgs))
         else:
             if have_something:
-                status = "not vulnerable"
+                status = "not vulnerable."
             else:
-                status = "not known to be vulnerable"
+                status = "not known to be vulnerable."
             cursor.execute("""INSERT INTO bug_status
                 (bug_name, release, status, reason)
                 VALUES (?, ''unstable'',
''fixed'', ?)""",
@@ -1249,19 +1249,15 @@
         unfixed_pkgs.sort()
         undet_pkgs = undet_pkgs.keys()
         undet_pkgs.sort()
+
+        pkgs = ""
+        result = "undetermined"
         if len(unfixed_pkgs) == 0 and len(undet_pkgs) == 0:
             if len(status[''''].keys()) == 0:
-                msg = "not known to be vulnerable"
+                pkgs += "not known to be vulnerable"
             else:
-                msg = "not vulnerable"
-            cursor.execute("""INSERT INTO bug_status
-            (bug_name, release, status, reason)
-            VALUES (?, ?, ''fixed'', ?)""",
-                           (bug_name, suite, msg))
-            return
-
-        pkgs = ""
-        status = "unknown"
+                pkgs += "not vulnerable"
+            result = "fixed"
         if len(unfixed_pkgs) > 0:
             if len(unfixed_pkgs) == 1:
                 pkgs += "package " + unfixed_pkgs[0] + " is
"
@@ -1270,23 +1266,22 @@
             if fixed_in_security:
                 pkgs = "%sfixed in %s-security. " % (pkgs, suite)
                 if suite == "stable":
-                    status = "fixed"
+                    result = "fixed"
                 else:
-                    status = "partially-fixed"
+                    result = "partially-fixed"
             else:
                 pkgs += "vulnerable. "
-                status = "vulnerable"
-        else:
-            status = "undetermined"
-        if len(undet_pkgs) == 1:
-            pkgs += "package " + undet_pkgs[0] + " may be
vulnerable but needs to be checked."
-        else:
-            pkgs += "packages " + ", ".join(undet_pkgs) +
" may be vulnerable but need to be checked."
+                result = "vulnerable"
+        if len(undet_pkgs) > 0:
+            if len(undet_pkgs) == 1:
+                pkgs += "package " + undet_pkgs[0] + " may be
vulnerable but needs to be checked."
+            else:
+                pkgs += "packages " + ", ".join(undet_pkgs)
+ " may be vulnerable but need to be checked."
 
         cursor.execute("""INSERT INTO bug_status
         (bug_name, release, status, reason)
         VALUES (?, ?, ?, ?)""",
-              (bug_name, suite, status, pkgs))
+              (bug_name, suite, result, pkgs))
 
     def calculateDebsecan0(self, release):
         """Create data for the debsecan tool (VERSION 0
format)."""