/[secure-testing]/bin/tracker_service.py

Diff of /bin/tracker_service.py

Parent Directory | Revision Log | View Patch Patch

-revision 2490 by fw,
Thu Oct 20 09:03:51 2005 UTC
+revision 2491 by fw,
Thu Oct 20 09:04:11 2005 UTC
 Line 14 
 import re
  import security_db
  from web_support import *
+ class BugFilter:
+     def __init__(self, params):
+         self.hide_medium_urgency = int(params.get('hide_medium_urgency',
+                                                   (0,))[0])
+         self.hide_non_remote = int(params.get('hide_non_remote',
+                                               (0,))[0])
+     def actions(self, url):
+         """Returns a HTML snippet which can be used to change the filter."""
+         if self.hide_medium_urgency:
+             urg = A(url.updateParams(hide_medium_urgency=None),
+                     'Show lower urgencies')
+         else:
+             urg = A(url.updateParams(hide_medium_urgency='1'),
+                     'Hide lower urgencies')
+         if self.hide_non_remote:
+             rem = A(url.updateParams(hide_non_remote=None),
+                     'Show local vulnerabilities')
+         else:
+             rem = A(url.updateParams(hide_non_remote='1'),
+                     'Hide local vulnerabilities')
+         return P(urg, ' ', rem)
+     def urgencyFiltered(self, urg):
+         """Returns True if the urgency urg is filtered."""
+         return self.hide_medium_urgency and urg not in ("high", "unknown", "")
+     def remoteFiltered(self, remote):
+         """Returns True if the attack range is filtered."""
+         return remote is not None and self.hide_non_remote and not remote
  class TrackerService(WebService):
      head_contents = compose(STYLE(
          """h1 { font-size : 144%; }
-Line 459 
 architecture is currently not tracked.""
+Line 490 
 architecture is currently not tracked.""
  this package, but still reference it.""")])
      def page_status_release_stable(self, path, params, url):
+         bf = BugFilter(params)
          def gen():
              old_pkg_name = ''
              for (pkg_name, bug_name, archive, urgency, remote) in \
                      self.db.cursor().execute(
                  """SELECT package, bug, section, urgency, remote
                  FROM stable_status"""):
+                 if bf.urgencyFiltered(urgency):
+                     continue
+                 if bf.remoteFiltered(remote):
+                     continue
                  if pkg_name == old_pkg_name:
                      pkg_name = ''
                  else:
-Line 488 
 this package, but still reference it."""
+Line 526 
 this package, but still reference it."""
          return self.create_page(
              url, 'Vulnerable source packages in the stable suite',
-             [make_table(gen(), caption=("Package", "Bug", "Urgency",
+             [bf.actions(url),
+              make_table(gen(), caption=("Package", "Bug", "Urgency",
                                          "Remote"))])
      def page_status_release_testing(self, path, params, url):
+         bf = BugFilter(params)
          def gen():
              old_pkg_name = ''
              for (pkg_name, bug_name, archive, urgency,
-Line 499 
 this package, but still reference it."""
+Line 540 
 this package, but still reference it."""
                  """SELECT package, bug, section, urgency, unstable_vulnerable,
                  testing_security_fixed, remote
                  FROM testing_status"""):
+                 if bf.urgencyFiltered(urgency):
+                     continue
+                 if bf.remoteFiltered(remote):
+                     continue
                  if pkg_name == old_pkg_name:
                      pkg_name = ''
                  else:
-Line 531 
 this package, but still reference it."""
+Line 577 
 this package, but still reference it."""
              url, 'Vulnerable source packages in the testing suite',
              [make_menu(url.scriptRelative,
                         ("status/dtsa-candidates", "Candidates for DTSAs")),
+              bf.actions(url),
               make_table(gen(), caption=("Package", "Bug", "Urgency",
                                          "Remote"))])
      def page_status_release_unstable(self, path, params, url):
+         bf = BugFilter(params)
          def gen():
              old_pkg_name = ''
-             for (pkg_name, bug_name, section, urgency) \
+             for (pkg_name, bug_name, section, urgency, remote) \
                      in self.db.cursor().execute(
                  """SELECT DISTINCT sp.name, st.bug_name,
-                 sp.archive, st.urgency
+                 sp.archive, st.urgency,
+                 (SELECT range_remote FROM nvd_data
+                  WHERE cve_name = st.bug_name)
                  FROM source_package_status AS st, source_packages AS sp
                  WHERE st.vulnerable AND st.urgency <> 'unimportant'
                  AND sp.rowid = st.package AND sp.release = 'sid'
                  AND sp.subrelease = ''
                  ORDER BY sp.name, st.bug_name"""):
+                 if bf.urgencyFiltered(urgency):
+                     continue
+                 if bf.remoteFiltered(remote):
+                     continue
                  if pkg_name == old_pkg_name:
                      pkg_name = ''
                  else:
-Line 555 
 this package, but still reference it."""
+Line 611 
 this package, but still reference it."""
                      else:
                          pkg_name = self.make_xref(url, pkg_name)
+                 if remote is None:
+                     remote = ''
+                 elif remote:
+                     remote = 'yes'
+                 else:
+                     remote = 'no'
                  if urgency == 'unknown':
                      urgency = ''
                  elif urgency == 'high':
                      urgency = self.make_red(urgency)
-                 yield pkg_name, self.make_xref(url, bug_name), urgency
+                 yield pkg_name, self.make_xref(url, bug_name), urgency, remote
          return self.create_page(
-Line 570 
 this package, but still reference it."""
+Line 633 
 this package, but still reference it."""
              fixed source version has been uploaded to the archive, even
              if there are still some vulnerably binary packages present
              in the archive."""),
-              make_table(gen(), caption=('Package', 'Bug', 'Urgency'))])
+              bf.actions(url),
+              make_table(gen(), caption=('Package', 'Bug', 'Urgency',
+                                         'Remote'))])
      def page_status_dtsa_candidates(self, path, params, url):
+         bf = BugFilter(params)
          def gen():
              old_pkg_name = ''
-             for (pkg_name, bug_name, archive, urgency, stable_later) \
+             for (pkg_name, bug_name, archive, urgency, stable_later,
+                  remote) \
                      in self.db.cursor().execute(
                  """SELECT package, bug, section, urgency,
                  (SELECT testing.version_id < stable.version_id
-Line 587 
 this package, but still reference it."""
+Line 655 
 this package, but still reference it."""
                   AND stable.name = testing_status.package
                   AND stable.release = 'sarge'
                   AND stable.subrelease = 'security'
-                  AND stable.archive = testing_status.section)
+                  AND stable.archive = testing_status.section),
+                 (SELECT range_remote FROM nvd_data
+                  WHERE cve_name = bug)
                  FROM testing_status
                  WHERE (NOT unstable_vulnerable)
                  AND (NOT testing_security_fixed)"""):
+                 if bf.urgencyFiltered(urgency):
+                     continue
+                 if bf.remoteFiltered(remote):
+                     continue
                  if pkg_name == old_pkg_name:
                      pkg_name = ''
                      migration = ''
-Line 603 
 this package, but still reference it."""
+Line 678 
 this package, but still reference it."""
                      else:
                          pkg_name = self.make_source_package_ref(url, pkg_name)
+                 if remote is None:
+                     remote = ''
+                 elif remote:
+                     remote = 'yes'
+                 else:
+                     remote = 'no'
                  if urgency == 'unknown':
                      urgency = ''
                  elif urgency == 'high':
-Line 614 
 this package, but still reference it."""
+Line 696 
 this package, but still reference it."""
                      notes = ''
                  yield (pkg_name, migration, self.make_xref(url, bug_name),
-                        urgency, notes)
+                        urgency, remote, notes)
          return self.create_page(
              url, "Candidates for DTSAs",
-Line 625 
 return web_supporttesting yet."""),
+Line 707 
 return web_supporttesting yet."""),
               make_menu(url.scriptRelative,
                         ("status/release/testing",
                          "List of vulnerable packages in testing")),
+              bf.actions(url),
               make_table(gen(),
-                         caption=("Package", "Migration", "Bug", "Urgency"))])
+                         caption=("Package", "Migration", "Bug", "Urgency",
+                                  "Remote"))])
      def page_status_todo(self, path, params, url):
          def gen():

 Legend:



Removed from v.2490
 


changed lines


 
Added in v.2491
 Legend:



Removed from v.2490
 


changed lines


 
Added in v.2491
-Removed from v.2490
+Added in v.2491

	ViewVC Help
Powered by ViewVC 1.1.5