Contents of /bin/dsa2list

#!/usr/bin/python

# Reasonably well-formed announcements to the debian-security-announce
# mailing list can be piped through this script.  The result is an
# entry suitable for data/DSA/list.

import os
import os.path
import re
import string
import sys
import time
import urllib2

def setup_paths():
    check_file = 'lib/python/debian_support.py'
    paths = [os.getcwd(), os.path.dirname(sys.argv[0])]
    try:
        paths.append(os.path.dirname(os.readlink(sys.argv[0])))
    except OSError:
        pass
    for path in paths:
        while 1:
            if os.path.exists("%s/%s" % (path, check_file)):
                sys.path = [path + '/lib/python'] + sys.path
                return path
            idx = string.rfind(path, '/')
            if idx == -1:
                break
            path = path[0:idx]
    raise ImportError, "could not setup paths"
os.chdir(setup_paths())

import debian_support

# DSAs do not contain version numbers with epochs, so they are useless
# for our purposes.

def fetch_dsc(url):
    u = urllib2.urlopen(url)
    assert u.readline()[0] == '-'       # OpenPGP cleartext signature header
    
    def parse(*regexps):
        result = [None] * len(regexps)
        for line in u:
            for i in range(len(regexps)):
                match = regexps[i].match(line)
                if match:
                    result[i] = match.groups()[0]
                    continue
            if line[0] == '-':
                break
        return result

    (source, version)= parse(re.compile("^Source: (\S+)$"),
                             re.compile("^Version: (\S+)$"))
    assert source is not None
    assert version is not None
    return (source, version)

re_title = re.compile(r'^Subject: .*\[DSA (\d+-\d+)\] .* fix(?:es)? (.*)$')
re_date = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+)[a-z]*, (\d+)\s+http://.*')

re_cve = re.compile('(CVE-\d{4}-\d{4})')
release_headline_re = re.compile(
    r'^Debian GNU/Linux [0-9.]+ (?:\(|alias) ([a-z]+).*')
dscurl_re = re.compile(r'^\s*(http://\S+\.dsc).*')

# Variants used by "dak new-security-install"
re_date1 = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+), (2\d{3}).*')
release_headline1_re = re.compile(r'^Debian [0-9.]+ \(([a-z]+)\).*')
release_map = {'stable' : 'etch', 'oldstable' : 'sarge'}

def process_file(file):
    cve_names = {}
    package_notes = []
    release = ''
    date = ''
    dsa_name = ''
    title = ''
    packages = {}
    for line in file.readlines():
        match = re_title.match(line)
        if match:
            (dsa_name, title) = match.groups()
            continue

        match = re_date.match(line)
        if match:
            (m, d, y) = match.groups()
            date = "%02d %s %s" % (int(d), m, y)
            continue

        for cve in re_cve.findall(line):
            cve_names[cve] = True

        match  = release_headline_re.match(line)
        if match:
            (release,) = match.groups()
            continue

        match = dscurl_re.match(line)
        if match:
            assert release
            (source, version) = fetch_dsc(match.groups()[0])
            packages[source] = True
            package_notes.append((release, source, version))

        # Variants used by "dak new-security-install"

        match = re_date1.match(line)
        if match:
            (m, d, y) = match.groups()
            date = "%02d %s %s" % (int(d), m, y)
            continue
        match  = release_headline1_re.match(line)
        if match:
            (release,) = match.groups()
            release = release_map[release]
            continue

    assert date
    assert title
    packages = packages.keys()
    packages.sort()
    print "[%s] DSA-%s %s - %s" % (date, dsa_name, ' '.join(packages), title)

    cve_names = cve_names.keys()
    if cve_names:
        cve_names.sort()
        print "\t{%s}" % (' '.join(cve_names))

    for (release, source, version) in package_notes:
        print "\t[%s] - %s %s" % (release, source, version)

if len(sys.argv) == 1:
    process_file(sys.stdin)
else:
    l = sys.argv[1:]
    l.reverse()
    def is_bad(f):
        if os.path.exists(f):
            return True
        sys.stderr.write("error: file does not exist: %s\n" % f)
        return False
    l = filter(is_bad, l)
    for x in l:
        process_file(file(x))
1	fw	3107	#!/usr/bin/python
2
3	fw	6436	# Reasonably well-formed announcements to the debian-security-announce
4			# mailing list can be piped through this script. The result is an
5			# entry suitable for data/DSA/list.
6
7	fw	3107	import os
8			import os.path
9			import re
10			import string
11			import sys
12			import time
13			import urllib2
14
15			def setup_paths():
16			check_file = 'lib/python/debian_support.py'
17	fw	6768	paths = [os.getcwd(), os.path.dirname(sys.argv[0])]
18			try:
19			paths.append(os.path.dirname(os.readlink(sys.argv[0])))
20			except OSError:
21			pass
22			for path in paths:
23			while 1:
24			if os.path.exists("%s/%s" % (path, check_file)):
25			sys.path = [path + '/lib/python'] + sys.path
26			return path
27			idx = string.rfind(path, '/')
28			if idx == -1:
29			break
30			path = path[0:idx]
31			raise ImportError, "could not setup paths"
32	fw	3107	os.chdir(setup_paths())
33
34			import debian_support
35
36	fw	6436	# DSAs do not contain version numbers with epochs, so they are useless
37			# for our purposes.
38
39	fw	3107	def fetch_dsc(url):
40			u = urllib2.urlopen(url)
41			assert u.readline()[0] == '-' # OpenPGP cleartext signature header
42
43			def parse(*regexps):
44			result = [None] * len(regexps)
45			for line in u:
46			for i in range(len(regexps)):
47			match = regexps[i].match(line)
48			if match:
49			result[i] = match.groups()[0]
50			continue
51			if line[0] == '-':
52			break
53			return result
54
55			(source, version)= parse(re.compile("^Source: (\S+)$"),
56			re.compile("^Version: (\S+)$"))
57			assert source is not None
58			assert version is not None
59			return (source, version)
60
61	fw	6436	re_title = re.compile(r'^Subject: .\[DSA (\d+-\d+)\] . fix(?:es)? (.*)$')
62	fw	6769	re_date = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+)[a-z], (\d+)\s+http://.')
63	fw	3107
64			re_cve = re.compile('(CVE-\d{4}-\d{4})')
65			release_headline_re = re.compile(
66	fw	6436	r'^Debian GNU/Linux [0-9.]+ (?:\(\|alias) ([a-z]+).*')
67			dscurl_re = re.compile(r'^\s(http://\S+\.dsc).')
68	fw	3107
69	fw	6769	# Variants used by "dak new-security-install"
70			re_date1 = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+), (2\d{3}).*')
71			release_headline1_re = re.compile(r'^Debian [0-9.]+ \(([a-z]+)\).*')
72			release_map = {'stable' : 'etch', 'oldstable' : 'sarge'}
73
74	fw	6438	def process_file(file):
75			cve_names = {}
76			package_notes = []
77			release = ''
78			date = ''
79			dsa_name = ''
80			title = ''
81			packages = {}
82			for line in file.readlines():
83			match = re_title.match(line)
84			if match:
85			(dsa_name, title) = match.groups()
86			continue
87	fw	3107
88	fw	6438	match = re_date.match(line)
89			if match:
90			(m, d, y) = match.groups()
91	fw	6472	date = "%02d %s %s" % (int(d), m, y)
92	fw	6770	continue
93	fw	3107
94	fw	6438	for cve in re_cve.findall(line):
95			cve_names[cve] = True
96	fw	3107
97	fw	6438	match = release_headline_re.match(line)
98			if match:
99			(release,) = match.groups()
100			continue
101	fw	3107
102	fw	6438	match = dscurl_re.match(line)
103			if match:
104			assert release
105			(source, version) = fetch_dsc(match.groups()[0])
106			packages[source] = True
107			package_notes.append((release, source, version))
108	fw	6436
109	fw	6769	# Variants used by "dak new-security-install"
110
111			match = re_date1.match(line)
112			if match:
113			(m, d, y) = match.groups()
114			date = "%02d %s %s" % (int(d), m, y)
115			continue
116			match = release_headline1_re.match(line)
117			if match:
118			(release,) = match.groups()
119			release = release_map[release]
120			continue
121
122	fw	6438	assert date
123			assert title
124			packages = packages.keys()
125			packages.sort()
126			print "[%s] DSA-%s %s - %s" % (date, dsa_name, ' '.join(packages), title)
127	fw	6436
128	fw	6438	cve_names = cve_names.keys()
129			if cve_names:
130			cve_names.sort()
131			print "\t{%s}" % (' '.join(cve_names))
132	fw	3107
133	fw	6438	for (release, source, version) in package_notes:
134			print "\t[%s] - %s %s" % (release, source, version)
135	fw	3107
136	fw	6438	if len(sys.argv) == 1:
137			process_file(sys.stdin)
138			else:
139	fw	6473	l = sys.argv[1:]
140			l.reverse()
141			def is_bad(f):
142			if os.path.exists(f):
143			return True
144			sys.stderr.write("error: file does not exist: %s\n" % f)
145			return False
146			l = filter(is_bad, l)
147			for x in l:
148	fw	6438	process_file(file(x))