| 1 |
#!/bin/sh
|
| 2 |
|
| 3 |
####################
|
| 4 |
# Copyright (C) 2011 by Raphael Geissert <geissert@debian.org>
|
| 5 |
#
|
| 6 |
#
|
| 7 |
# This file is free software: you can redistribute it and/or modify
|
| 8 |
# it under the terms of the GNU General Public License as published by
|
| 9 |
# the Free Software Foundation, either version 3 of the License, or
|
| 10 |
# (at your option) any later version.
|
| 11 |
#
|
| 12 |
# This file is distributed in the hope that it will be useful,
|
| 13 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 14 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| 15 |
# GNU General Public License for more details.
|
| 16 |
#
|
| 17 |
# You should have received a copy of the GNU General Public License
|
| 18 |
# along with this file. If not, see <http://www.gnu.org/licenses/>.
|
| 19 |
####################
|
| 20 |
|
| 21 |
set -e
|
| 22 |
|
| 23 |
OLDSTABLE=lenny
|
| 24 |
STABLE=squeeze
|
| 25 |
TESTING=wheezy
|
| 26 |
|
| 27 |
export LANG=C
|
| 28 |
|
| 29 |
[ -f doc/DSA.template ] || {
|
| 30 |
echo "error: call this script from the root of the repository" >&2
|
| 31 |
exit 1
|
| 32 |
}
|
| 33 |
|
| 34 |
[ $# -ge 2 ] || {
|
| 35 |
echo "usage: $0 [--save] [DSA] package vulnerability [cve(s) [bugnumber]]" >&2
|
| 36 |
exit 1
|
| 37 |
}
|
| 38 |
|
| 39 |
save=false
|
| 40 |
if [ "$1" = "--save" ]; then
|
| 41 |
save=true
|
| 42 |
shift
|
| 43 |
fi
|
| 44 |
|
| 45 |
DSAID=
|
| 46 |
if printf '%s' "$1" | grep -Eq '^[0-9]+(-[0-9]+|)$'; then
|
| 47 |
DSAID="$1"
|
| 48 |
shift
|
| 49 |
fi
|
| 50 |
|
| 51 |
PACKAGE="$(printf '%s' "$1" | tr "[:upper:]" "[:lower:]")"
|
| 52 |
VULNERABILITY="$2"
|
| 53 |
CVE="$(printf '%s' "$3" | tr "[:lower:]" "[:upper:]")"
|
| 54 |
BUGNUM="$4"
|
| 55 |
|
| 56 |
CVE="$(printf '%s' "$CVE" | sed 's/[ ,;]+/ /g' | tr ' ' "\n" | sort -n | tr "\n" ' ')"
|
| 57 |
cve_spacing=
|
| 58 |
|
| 59 |
for i in $(seq 0 16); do
|
| 60 |
cve_spacing="$cve_spacing "
|
| 61 |
done
|
| 62 |
sed_cmd='s/((CVE-[0-9-]+[ ]+){4})(.+)$/\1\\n'"$cve_spacing"'\3/g;P;D'
|
| 63 |
CVE_LIST="$(printf '%s' "$CVE" | sed -r "$sed_cmd")"
|
| 64 |
|
| 65 |
case "$DSAID" in
|
| 66 |
*-*|'')
|
| 67 |
:
|
| 68 |
;;
|
| 69 |
*)
|
| 70 |
echo "warning: missing DSA revision number, assuming 1" >&2
|
| 71 |
DSAID="$DSAID-1"
|
| 72 |
;;
|
| 73 |
esac
|
| 74 |
|
| 75 |
dsa_exists() {
|
| 76 |
grep -wq "DSA-$1" data/DSA/list
|
| 77 |
}
|
| 78 |
|
| 79 |
if [ -z "$DSAID" ]; then
|
| 80 |
latest_dsa="$(sed -r '/DSA-/{s/^.+DSA-([0-9]+).*$/\1/;q}' data/DSA/list)"
|
| 81 |
dsa=$(($latest_dsa+1))
|
| 82 |
c=0
|
| 83 |
while dsa_exists "$dsa-1"; do
|
| 84 |
dsa=$(($dsa+1))
|
| 85 |
c=$(($c+1))
|
| 86 |
if [ $c -eq 10 ]; then
|
| 87 |
echo "error: unable to find an unused DSA id after $c attempts" >&2
|
| 88 |
echo "to workaround specify an id as the first parameter" >&2
|
| 89 |
exit 1
|
| 90 |
fi
|
| 91 |
done
|
| 92 |
DSAID="$dsa-1"
|
| 93 |
fi
|
| 94 |
|
| 95 |
if dsa_exists "$DSAID"; then
|
| 96 |
echo "error: DSA-$DSAID has already been used" >&2
|
| 97 |
exit 1
|
| 98 |
fi
|
| 99 |
|
| 100 |
setvar() {
|
| 101 |
local var="$1" value="$2"
|
| 102 |
|
| 103 |
if [ -z "$value" ]; then
|
| 104 |
value="$(eval 'printf "%s" "$'"$var"'"')"
|
| 105 |
fi
|
| 106 |
|
| 107 |
sed -i "s=\$$var=$value=g" "$tmpf"
|
| 108 |
}
|
| 109 |
|
| 110 |
tmpf=$(mktemp)
|
| 111 |
cat doc/DSA.template > $tmpf
|
| 112 |
|
| 113 |
name_length=$(echo -n "$DEBFULLNAME" | wc -c)
|
| 114 |
spacing=$((24-$name_length))
|
| 115 |
SPACEDDEBFULLNAME="$DEBFULLNAME"
|
| 116 |
while [ $spacing -gt 0 ]; do
|
| 117 |
SPACEDDEBFULLNAME=" $SPACEDDEBFULLNAME"
|
| 118 |
spacing=$((spacing-1))
|
| 119 |
done
|
| 120 |
|
| 121 |
DATE="$(date +"%B %d, %Y")"
|
| 122 |
date_length=$(echo -n "$DATE" | wc -c)
|
| 123 |
spacing=$((22-$date_length))
|
| 124 |
SPACEDDATE="$DATE"
|
| 125 |
while [ $spacing -gt 0 ]; do
|
| 126 |
SPACEDDATE="$SPACEDDATE "
|
| 127 |
spacing=$((spacing-1))
|
| 128 |
done
|
| 129 |
|
| 130 |
setvar DEBEMAIL
|
| 131 |
setvar DEBFULLNAME
|
| 132 |
setvar SPACEDDEBFULLNAME
|
| 133 |
setvar PACKAGE
|
| 134 |
setvar CVE "$CVE_LIST"
|
| 135 |
setvar REMLOCAL "${REMLOCAL:-remote}"
|
| 136 |
setvar DSAID
|
| 137 |
setvar BUGNUM
|
| 138 |
setvar VULNERABILITY
|
| 139 |
setvar DEBIANSPECIFIC "${DEBIANSPECIFIC:-no}"
|
| 140 |
setvar OLDSTABLE
|
| 141 |
setvar STABLE
|
| 142 |
setvar TESTING
|
| 143 |
setvar SPACEDDATE
|
| 144 |
setvar DATE
|
| 145 |
|
| 146 |
for dist in $OLDSTABLE $STABLE $TESTING UNSTABLE; do
|
| 147 |
version="$(eval 'printf "%s" "$'"$dist"_VERSION'"')"
|
| 148 |
[ -z "$version" ] || setvar "${dist}_VERSION" "$version"
|
| 149 |
done
|
| 150 |
|
| 151 |
|
| 152 |
if ! $save; then
|
| 153 |
cat $tmpf
|
| 154 |
echo
|
| 155 |
echo " ---- "
|
| 156 |
echo "Pass --save as the first parameter to save the text to DSA-$DSAID"
|
| 157 |
echo "(the data/DSA/list entry will also be added)"
|
| 158 |
rm -f "$tmpf"
|
| 159 |
exit
|
| 160 |
else
|
| 161 |
mv -i $tmpf "DSA-$DSAID" || { rm -f $tmpf; exit; }
|
| 162 |
dsa_entry=$(mktemp)
|
| 163 |
cat <<EOF > $dsa_entry
|
| 164 |
[$(date +"%d %b %Y")] DSA-$DSAID $PACKAGE - $VULNERABILITY
|
| 165 |
EOF
|
| 166 |
|
| 167 |
if [ "$CVE" ]; then
|
| 168 |
printf "\t{%s}\n" "$CVE" >> $dsa_entry
|
| 169 |
fi
|
| 170 |
|
| 171 |
for dist in $OLDSTABLE $STABLE; do
|
| 172 |
version="$(eval 'printf "%s" "$'"$dist"_VERSION'"')"
|
| 173 |
[ -z "$version" ] || \
|
| 174 |
printf "\t[%s] - %s %s\n" "$dist" "$PACKAGE" "$version" >> $dsa_entry
|
| 175 |
done
|
| 176 |
tmp_list="$(mktemp)"
|
| 177 |
cat $dsa_entry data/DSA/list > $tmp_list
|
| 178 |
cat $tmp_list > data/DSA/list
|
| 179 |
rm -f $tmp_list
|
| 180 |
echo "DSA text written to ./DSA-$DSAID"
|
| 181 |
fi
|
Parent Directory
| 
Revision Log