Contents of /bin/dsa2list

#!/usr/bin/python

# Reasonably well-formed announcements to the debian-security-announce
# mailing list can be piped through this script.  The result is an
# entry suitable for data/DSA/list.

import os
import os.path
import re
import string
import sys
import time
import urllib2

def setup_paths():
    check_file = 'lib/python/debian_support.py'
    paths = [os.getcwd(), os.path.dirname(sys.argv[0])]
    try:
        paths.append(os.path.dirname(os.readlink(sys.argv[0])))
    except OSError:
        pass
    for path in paths:
        while 1:
            if os.path.exists("%s/%s" % (path, check_file)):
                sys.path = [path + '/lib/python'] + sys.path
                return path
            idx = string.rfind(path, '/')
            if idx == -1:
                break
            path = path[0:idx]
    raise ImportError, "could not setup paths"
os.chdir(setup_paths())

import debian_support

# DSAs do not contain version numbers with epochs, so they are useless
# for our purposes.

def fetch_dsc(url):
    u = urllib2.urlopen(url)
    assert u.readline()[0] == '-'       # OpenPGP cleartext signature header
    
    def parse(*regexps):
        result = [None] * len(regexps)
        for line in u:
            for i in range(len(regexps)):
                match = regexps[i].match(line)
                if match:
                    result[i] = match.groups()[0]
                    continue
            if line[0] == '-':
                break
        return result

    (source, version)= parse(re.compile("^Source: (\S+)$"),
                             re.compile("^Version: (\S+)$"))
    assert source is not None
    assert version is not None
    return (source, version)

re_title = re.compile(r'^Subject: .*\[DSA (\d+-\d+)\] .* fix(?:es)? (.*)$')
re_date = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+)[a-z]*, (\d+)\s+http://.*')

re_cve = re.compile('(CVE-\d{4}-\d{4})')
release_headline_re = re.compile(
    r'^Debian GNU/Linux [0-9.]+ (?:\(|alias) ([a-z]+).*')
dscurl_re = re.compile(r'^\s*(http://\S+\.dsc).*')

# Variants used by "dak new-security-install"
re_date1 = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+), (2\d{3}).*')
release_headline1_re = re.compile(r'^Debian [0-9.]+ \(([a-z]+)\).*')
release_map = {'stable' : 'etch', 'oldstable' : 'sarge'}

def process_file(file):
    cve_names = {}
    package_notes = []
    release = ''
    date = ''
    dsa_name = ''
    title = ''
    packages = {}
    for line in file.readlines():
        match = re_title.match(line)
        if match:
            (dsa_name, title) = match.groups()
            continue

        match = re_date.match(line)
        if match:
            (m, d, y) = match.groups()
            date = "%02d %s %s" % (int(d), m, y)
            continue

        for cve in re_cve.findall(line):
            cve_names[cve] = True

        match  = release_headline_re.match(line)
        if match:
            (release,) = match.groups()
            continue

        match = dscurl_re.match(line)
        if match:
            assert release
            (source, version) = fetch_dsc(match.groups()[0])
            packages[source] = True
            package_notes.append((release, source, version))

        # Variants used by "dak new-security-install"

        match = re_date1.match(line)
        if match:
            (m, d, y) = match.groups()
            date = "%02d %s %s" % (int(d), m, y)
            continue
        match  = release_headline1_re.match(line)
        if match:
            (release,) = match.groups()
            release = release_map[release]
            continue

    assert date
    assert title
    packages = packages.keys()
    packages.sort()
    print "[%s] DSA-%s %s - %s" % (date, dsa_name, ' '.join(packages), title)

    cve_names = cve_names.keys()
    if cve_names:
        cve_names.sort()
        print "\t{%s}" % (' '.join(cve_names))

    for (release, source, version) in package_notes:
        print "\t[%s] - %s %s" % (release, source, version)

if len(sys.argv) == 1:
    process_file(sys.stdin)
else:
    l = sys.argv[1:]
    l.reverse()
    def is_bad(f):
        if os.path.exists(f):
            return True
        sys.stderr.write("error: file does not exist: %s\n" % f)
        return False
    l = filter(is_bad, l)
    for x in l:
        process_file(file(x))
1	#!/usr/bin/python
2
3	# Reasonably well-formed announcements to the debian-security-announce
4	# mailing list can be piped through this script. The result is an
5	# entry suitable for data/DSA/list.
6
7	import os
8	import os.path
9	import re
10	import string
11	import sys
12	import time
13	import urllib2
14
15	def setup_paths():
16	check_file = 'lib/python/debian_support.py'
17	paths = [os.getcwd(), os.path.dirname(sys.argv[0])]
18	try:
19	paths.append(os.path.dirname(os.readlink(sys.argv[0])))
20	except OSError:
21	pass
22	for path in paths:
23	while 1:
24	if os.path.exists("%s/%s" % (path, check_file)):
25	sys.path = [path + '/lib/python'] + sys.path
26	return path
27	idx = string.rfind(path, '/')
28	if idx == -1:
29	break
30	path = path[0:idx]
31	raise ImportError, "could not setup paths"
32	os.chdir(setup_paths())
33
34	import debian_support
35
36	# DSAs do not contain version numbers with epochs, so they are useless
37	# for our purposes.
38
39	def fetch_dsc(url):
40	u = urllib2.urlopen(url)
41	assert u.readline()[0] == '-' # OpenPGP cleartext signature header
42
43	def parse(*regexps):
44	result = [None] * len(regexps)
45	for line in u:
46	for i in range(len(regexps)):
47	match = regexps[i].match(line)
48	if match:
49	result[i] = match.groups()[0]
50	continue
51	if line[0] == '-':
52	break
53	return result
54
55	(source, version)= parse(re.compile("^Source: (\S+)$"),
56	re.compile("^Version: (\S+)$"))
57	assert source is not None
58	assert version is not None
59	return (source, version)
60
61	re_title = re.compile(r'^Subject: .\[DSA (\d+-\d+)\] . fix(?:es)? (.*)$')
62	re_date = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+)[a-z], (\d+)\s+http://.')
63
64	re_cve = re.compile('(CVE-\d{4}-\d{4})')
65	release_headline_re = re.compile(
66	r'^Debian GNU/Linux [0-9.]+ (?:\(\|alias) ([a-z]+).*')
67	dscurl_re = re.compile(r'^\s(http://\S+\.dsc).')
68
69	# Variants used by "dak new-security-install"
70	re_date1 = re.compile(r'^([A-Z][a-z][a-z])[a-z]* (\d+), (2\d{3}).*')
71	release_headline1_re = re.compile(r'^Debian [0-9.]+ \(([a-z]+)\).*')
72	release_map = {'stable' : 'etch', 'oldstable' : 'sarge'}
73
74	def process_file(file):
75	cve_names = {}
76	package_notes = []
77	release = ''
78	date = ''
79	dsa_name = ''
80	title = ''
81	packages = {}
82	for line in file.readlines():
83	match = re_title.match(line)
84	if match:
85	(dsa_name, title) = match.groups()
86	continue
87
88	match = re_date.match(line)
89	if match:
90	(m, d, y) = match.groups()
91	date = "%02d %s %s" % (int(d), m, y)
92	continue
93
94	for cve in re_cve.findall(line):
95	cve_names[cve] = True
96
97	match = release_headline_re.match(line)
98	if match:
99	(release,) = match.groups()
100	continue
101
102	match = dscurl_re.match(line)
103	if match:
104	assert release
105	(source, version) = fetch_dsc(match.groups()[0])
106	packages[source] = True
107	package_notes.append((release, source, version))
108
109	# Variants used by "dak new-security-install"
110
111	match = re_date1.match(line)
112	if match:
113	(m, d, y) = match.groups()
114	date = "%02d %s %s" % (int(d), m, y)
115	continue
116	match = release_headline1_re.match(line)
117	if match:
118	(release,) = match.groups()
119	release = release_map[release]
120	continue
121
122	assert date
123	assert title
124	packages = packages.keys()
125	packages.sort()
126	print "[%s] DSA-%s %s - %s" % (date, dsa_name, ' '.join(packages), title)
127
128	cve_names = cve_names.keys()
129	if cve_names:
130	cve_names.sort()
131	print "\t{%s}" % (' '.join(cve_names))
132
133	for (release, source, version) in package_notes:
134	print "\t[%s] - %s %s" % (release, source, version)
135
136	if len(sys.argv) == 1:
137	process_file(sys.stdin)
138	else:
139	l = sys.argv[1:]
140	l.reverse()
141	def is_bad(f):
142	if os.path.exists(f):
143	return True
144	sys.stderr.write("error: file does not exist: %s\n" % f)
145	return False
146	l = filter(is_bad, l)
147	for x in l:
148	process_file(file(x))