| 24 |
webservice_base_class = WebServiceHTTP |
webservice_base_class = WebServiceHTTP |
| 25 |
|
|
| 26 |
class BugFilter: |
class BugFilter: |
| 27 |
default_action_list = [("hide_medium_urgency", "lower urgencies"), |
default_action_list = [("show_high_urgency", "only high urgencies"), |
| 28 |
("hide_non_remote", "local vulnerabilities")] |
("show_medium_urgency", "only medium and high urgencies"), |
| 29 |
|
("show_remote_only", "only remote vulnerabilities"), |
| 30 |
|
("show_undetermined_urgency", "undetermined and unimportant urgencies")] |
| 31 |
def __init__(self, params, action_list=None): |
def __init__(self, params, action_list=None): |
| 32 |
if action_list is None: |
if action_list is None: |
| 33 |
self.action_list = self.default_action_list |
self.action_list = self.default_action_list |
| 43 |
l = [] |
l = [] |
| 44 |
for (prop, desc) in self.action_list: |
for (prop, desc) in self.action_list: |
| 45 |
if self.params[prop]: |
if self.params[prop]: |
| 46 |
a = A(url.updateParamsDict({prop : None}), |
if self.params['show_medium_urgency'] and prop == 'show_medium_urgency': |
| 47 |
'Show ' + desc) |
note = 'Restore lower than medium urgencies' |
| 48 |
|
elif self.params['show_high_urgency'] and prop == 'show_high_urgency': |
| 49 |
|
note = 'Restore lower than high urgencies' |
| 50 |
|
else: |
| 51 |
|
note = 'Hide ' + desc |
| 52 |
|
l.append(TR(TD(A(url.updateParamsDict({prop : None}), note)))) |
| 53 |
else: |
else: |
| 54 |
a = A(url.updateParamsDict({prop : '1'}), |
note = 'Show ' + desc |
| 55 |
'Hide ' + desc) |
l.append(TR(TD(A(url.updateParamsDict({prop : '1'}), note)))) |
| 56 |
l.append(a) |
|
| 57 |
l.append(' ') |
return TABLE(l) |
| 58 |
|
|
| 59 |
return apply(P, l[:-1]) |
def urgencyFiltered(self, urg, vuln): |
| 60 |
|
"""Returns True for urgencies that should be filtered.""" |
| 61 |
def urgencyFiltered(self, urg): |
filterlow = self.params['show_medium_urgency'] and \ |
| 62 |
"""Returns True if the urgency urg is filtered.""" |
urg in ('low', 'unimportant', 'undetermined') |
| 63 |
return self.params['hide_medium_urgency'] \ |
filtermed = self.params['show_high_urgency'] and \ |
| 64 |
and urg not in ("high", "unknown", "") |
urg in ('medium', 'low', 'unimportant', 'undetermined') |
| 65 |
|
filteruni = not self.params['show_undetermined_urgency'] \ |
| 66 |
|
and vuln == 2 or urg == 'unimportant' |
| 67 |
|
return filterlow or filtermed or filteruni |
| 68 |
|
|
| 69 |
def remoteFiltered(self, remote): |
def remoteFiltered(self, remote): |
| 70 |
"""Returns True if the attack range is filtered.""" |
"""Returns True for only remote flaws if filtered.""" |
| 71 |
return remote is not None and self.params['hide_non_remote'] \ |
return remote is not None and not self.params['show_remote_only'] \ |
| 72 |
and not remote |
and not remote |
| 73 |
|
|
| 74 |
class BugFilterNoDSA(BugFilter): |
class BugFilterNoDSA(BugFilter): |
| 75 |
def __init__(self, params): |
def __init__(self, params): |
| 76 |
BugFilter.__init__(self, params, self.default_action_list |
BugFilter.__init__(self, params, self.default_action_list |
| 77 |
+ [('hide_nodsa', 'non-DSA vulnerabilities')]) |
+ [('show_nodsa', 'non-DSA vulnerabilities')]) |
|
self.hide_nodsa = int(params.get('hide_nodsa',(0,))[0]) |
|
| 78 |
|
|
| 79 |
def nodsaFiltered(self, nodsa): |
def nodsaFiltered(self, nodsa): |
| 80 |
"""Returns True if no DSA will be issued for the bug.""" |
"""Returns True for no DSA issues if filtered.""" |
| 81 |
return nodsa and self.params['hide_nodsa'] |
return nodsa and not self.params['show_nodsa'] |
| 82 |
|
|
| 83 |
class TrackerService(webservice_base_class): |
class TrackerService(webservice_base_class): |
| 84 |
head_contents = compose(STYLE( |
head_contents = compose(STYLE( |
| 633 |
|
|
| 634 |
def gen(): |
def gen(): |
| 635 |
old_pkg_name = '' |
old_pkg_name = '' |
| 636 |
for (pkg_name, bug_name, archive, urgency, remote, no_dsa) in \ |
for (pkg_name, bug_name, archive, urgency, vulnerable, remote, no_dsa) in \ |
| 637 |
self.db.cursor().execute( |
self.db.cursor().execute( |
| 638 |
"""SELECT package, bug, section, urgency, remote, no_dsa |
"""SELECT package, bug, section, urgency, vulnerable, remote, no_dsa |
| 639 |
FROM %s_status""" % release): |
FROM %s_status""" % release): |
| 640 |
if bf.urgencyFiltered(urgency): |
if bf.urgencyFiltered(urgency, vulnerable): |
| 641 |
continue |
continue |
| 642 |
if bf.remoteFiltered(remote): |
if bf.remoteFiltered(remote): |
| 643 |
continue |
continue |
| 644 |
if bf.nodsaFiltered(no_dsa): |
if bf.nodsaFiltered(no_dsa): |
| 645 |
continue |
continue |
| 646 |
|
|
| 647 |
if pkg_name == old_pkg_name: |
if pkg_name == old_pkg_name: |
| 648 |
pkg_name = '' |
pkg_name = '' |
| 649 |
else: |
else: |
| 658 |
else: |
else: |
| 659 |
remote = 'no' |
remote = 'no' |
| 660 |
|
|
| 661 |
if urgency == 'unknown': |
if vulnerable == 2: |
|
if no_dsa: |
|
|
urgency = 'no DSA' |
|
|
else: |
|
|
urgency = '' |
|
|
elif urgency == 'high': |
|
|
urgency = self.make_red(urgency) |
|
|
elif urgency == 'undetermined': |
|
| 662 |
urgency = self.make_purple(urgency) |
urgency = self.make_purple(urgency) |
| 663 |
|
|
| 664 |
|
if urgency == 'high': |
| 665 |
|
urgency = self.make_red(urgency) |
| 666 |
else: |
else: |
| 667 |
if no_dsa: |
if no_dsa: |
| 668 |
urgency = urgency + '*' |
urgency = urgency + '*' |
| 671 |
|
|
| 672 |
return self.create_page( |
return self.create_page( |
| 673 |
url, 'Vulnerable source packages in the %s suite' % release, |
url, 'Vulnerable source packages in the %s suite' % release, |
| 674 |
[bf.actions(url), |
[bf.actions(url), BR(), |
| 675 |
make_table(gen(), caption=("Package", "Bug", "Urgency", |
make_table(gen(), caption=("Package", "Bug", "Urgency", |
| 676 |
"Remote")), |
"Remote")), |
| 677 |
P('''(If a "*" is included in the urgency field, no DSA is planned |
P('''(If a "*" is included in the urgency field, no DSA is planned |
| 688 |
|
|
| 689 |
def gen(): |
def gen(): |
| 690 |
old_pkg_name = '' |
old_pkg_name = '' |
| 691 |
for (pkg_name, bug_name, archive, urgency, |
for (pkg_name, bug_name, archive, urgency, vulnerable, |
| 692 |
sid_vulnerable, ts_fixed, remote, no_dsa) \ |
sid_vulnerable, ts_fixed, remote, no_dsa) \ |
| 693 |
in self.db.cursor().execute( |
in self.db.cursor().execute( |
| 694 |
"""SELECT package, bug, section, urgency, unstable_vulnerable, |
"""SELECT package, bug, section, urgency, vulnerable, |
| 695 |
testing_security_fixed, remote, no_dsa |
unstable_vulnerable, testing_security_fixed, remote, no_dsa |
| 696 |
FROM testing_status"""): |
FROM testing_status"""): |
| 697 |
if bf.urgencyFiltered(urgency): |
if bf.urgencyFiltered(urgency, vulnerable): |
| 698 |
continue |
continue |
| 699 |
if bf.remoteFiltered(remote): |
if bf.remoteFiltered(remote): |
| 700 |
continue |
continue |
| 715 |
else: |
else: |
| 716 |
remote = 'no' |
remote = 'no' |
| 717 |
|
|
| 718 |
|
if sid_vulnerable == 2: |
| 719 |
|
urgency = self.make_purple(urgency) |
| 720 |
|
|
| 721 |
if ts_fixed: |
if ts_fixed: |
| 722 |
status = 'fixed in testing-security' |
status = 'fixed in testing-security' |
| 723 |
else: |
else: |
| 726 |
else: |
else: |
| 727 |
status = self.make_dangerous('fixed in unstable') |
status = self.make_dangerous('fixed in unstable') |
| 728 |
|
|
|
if urgency == 'unknown': |
|
|
urgency = '' |
|
|
|
|
| 729 |
yield (pkg_name, self.make_xref(url, bug_name), |
yield (pkg_name, self.make_xref(url, bug_name), |
| 730 |
urgency, remote, status) |
urgency, remote, status) |
| 731 |
|
|
| 733 |
url, 'Vulnerable source packages in the testing suite', |
url, 'Vulnerable source packages in the testing suite', |
| 734 |
[make_menu(url.scriptRelative, |
[make_menu(url.scriptRelative, |
| 735 |
("status/dtsa-candidates", "Candidates for DTSAs")), |
("status/dtsa-candidates", "Candidates for DTSAs")), |
| 736 |
bf.actions(url), |
bf.actions(url), BR(), |
| 737 |
make_table(gen(), caption=("Package", "Bug", "Urgency", |
make_table(gen(), caption=("Package", "Bug", "Urgency", |
| 738 |
"Remote"))]) |
"Remote"))]) |
| 739 |
|
|
| 743 |
|
|
| 744 |
def gen(): |
def gen(): |
| 745 |
old_pkg_name = '' |
old_pkg_name = '' |
| 746 |
for (pkg_name, bug_name, section, urgency, remote) \ |
for (pkg_name, bug_name, section, urgency, vulnerable, remote) \ |
| 747 |
in self.db.cursor().execute( |
in self.db.cursor().execute( |
| 748 |
"""SELECT DISTINCT sp.name, st.bug_name, |
"""SELECT DISTINCT sp.name, st.bug_name, |
| 749 |
sp.archive, st.urgency, |
sp.archive, st.urgency, st.vulnerable, |
| 750 |
(SELECT range_remote FROM nvd_data |
(SELECT range_remote FROM nvd_data |
| 751 |
WHERE cve_name = st.bug_name) |
WHERE cve_name = st.bug_name) |
| 752 |
FROM source_package_status AS st, source_packages AS sp |
FROM source_package_status AS st, source_packages AS sp |
| 753 |
WHERE st.vulnerable AND st.urgency <> 'unimportant' |
WHERE st.vulnerable AND sp.rowid = st.package |
| 754 |
AND sp.rowid = st.package AND sp.release = ? |
AND sp.release = ? AND sp.subrelease = '' |
|
AND sp.subrelease = '' |
|
| 755 |
ORDER BY sp.name, st.bug_name""", (rel,)): |
ORDER BY sp.name, st.bug_name""", (rel,)): |
| 756 |
if bf.urgencyFiltered(urgency): |
if bf.urgencyFiltered(urgency, vulnerable): |
| 757 |
continue |
continue |
| 758 |
if bf.remoteFiltered(remote): |
if bf.remoteFiltered(remote): |
| 759 |
continue |
continue |
| 774 |
else: |
else: |
| 775 |
remote = 'no' |
remote = 'no' |
| 776 |
|
|
| 777 |
if urgency == 'unknown': |
if urgency == 'high': |
|
urgency = '' |
|
|
elif urgency == 'high': |
|
| 778 |
urgency = self.make_red(urgency) |
urgency = self.make_red(urgency) |
| 779 |
elif urgency == 'undetermined': |
elif vulnerable == 2: |
| 780 |
urgency = self.make_purple(urgency) |
urgency = self.make_purple(urgency) |
| 781 |
|
|
| 782 |
yield pkg_name, self.make_xref(url, bug_name), urgency, remote |
yield pkg_name, self.make_xref(url, bug_name), urgency, remote |
| 783 |
|
|
| 784 |
return self.create_page( |
return self.create_page( |
| 785 |
url, title, |
url, title, |
| 786 |
[P("""Note that the list below is based on source packages. |
[P("""Note that the list below is based on source packages. |
| 788 |
fixed source version has been uploaded to the archive, even |
fixed source version has been uploaded to the archive, even |
| 789 |
if there are still some vulnerably binary packages present |
if there are still some vulnerably binary packages present |
| 790 |
in the archive."""), |
in the archive."""), |
| 791 |
bf.actions(url), |
bf.actions(url), BR(), |
| 792 |
make_table(gen(), caption=('Package', 'Bug', 'Urgency', |
make_table(gen(), caption=('Package', 'Bug', 'Urgency', |
| 793 |
'Remote'))]) |
'Remote'))]) |
| 794 |
|
|
| 815 |
|
|
| 816 |
def gen(): |
def gen(): |
| 817 |
old_pkg_name = '' |
old_pkg_name = '' |
| 818 |
for (pkg_name, bug_name, archive, urgency, stable_later, |
for (pkg_name, bug_name, archive, urgency, vulnerable, |
| 819 |
remote) \ |
stable_later, remote) \ |
| 820 |
in self.db.cursor().execute( |
in self.db.cursor().execute( |
| 821 |
"""SELECT package, bug, section, urgency, |
"""SELECT package, bug, section, urgency, vulnerable, |
| 822 |
(SELECT testing.version_id < stable.version_id |
(SELECT testing.version_id < stable.version_id |
| 823 |
FROM source_packages AS testing, source_packages AS stable |
FROM source_packages AS testing, source_packages AS stable |
| 824 |
WHERE testing.name = testing_status.package |
WHERE testing.name = testing_status.package |
| 834 |
FROM testing_status |
FROM testing_status |
| 835 |
WHERE (NOT unstable_vulnerable) |
WHERE (NOT unstable_vulnerable) |
| 836 |
AND (NOT testing_security_fixed)"""): |
AND (NOT testing_security_fixed)"""): |
| 837 |
if bf.urgencyFiltered(urgency): |
if bf.urgencyFiltered(urgency, vulnerable): |
| 838 |
continue |
continue |
| 839 |
if bf.remoteFiltered(remote): |
if bf.remoteFiltered(remote): |
| 840 |
continue |
continue |
| 858 |
else: |
else: |
| 859 |
remote = 'no' |
remote = 'no' |
| 860 |
|
|
| 861 |
if urgency == 'unknown': |
if urgency == 'high': |
|
urgency = '' |
|
|
elif urgency == 'high': |
|
| 862 |
urgency = self.make_red(urgency) |
urgency = self.make_red(urgency) |
| 863 |
|
|
| 864 |
if stable_later: |
if stable_later: |
| 877 |
make_menu(url.scriptRelative, |
make_menu(url.scriptRelative, |
| 878 |
("status/release/testing", |
("status/release/testing", |
| 879 |
"List of vulnerable packages in testing")), |
"List of vulnerable packages in testing")), |
| 880 |
bf.actions(url), |
bf.actions(url), BR(), |
| 881 |
make_table(gen(), |
make_table(gen(), |
| 882 |
caption=("Package", "Migration", "Bug", "Urgency", |
caption=("Package", "Migration", "Bug", "Urgency", |
| 883 |
"Remote"))]) |
"Remote"))]) |
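Review bot: In the new `urgencyFiltered` (new lines 59-67), `filteruni = not self.params['show_undetermined_urgency'] and vuln == 2 or urg == 'unimportant'` parses as `(not ... and vuln == 2) or urg == 'unimportant'`, so rows with urgency 'unimportant' are filtered whatever the toggle says. That conflicts with the action label "undetermined and unimportant urgencies", and it means entries can drop out of a vulnerability status view with no way to bring them back. If the toggle is meant to cover both cases, parenthesise it: `filteruni = not self.params['show_undetermined_urgency'] and (vuln == 2 or urg == 'unimportant')`. The magic value `vulnerable == 2` also deserves a comment or a named constant, since the visible lines never say what it stands for (presumably "undetermined"). Separately, the unchanged `FROM %s_status""" % release` interpolation is only safe if `release` is checked against a fixed set of suite names before this point, which these lines do not show.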