Hi Florian,
On Sonntag, 31. August 2014, Florian Weimer wrote:
> * Holger Levsen:
> > -# security_db.py -- simple, CVE-driven Debian security bugs database
> > +# lts_db.py -- simple, CVE-driven Debian security bugs database
> This change appears unnecessary.
right (ouch)
> > - AND sp.subrelease <> 'security'
> > + AND sp.subrelease <> 'security' AND p.subrelease <> 'lts'
> This is a typo, should be "sp.subrelease" twice.
right!
> If you look at <http://127.0.0.1:10605/tracker/source-package/cacti>,
> you will see that DLA-40-1 is listed under "Open issues". This is
> incorrect, DLAs should never be listed there.
>
> I believe the fix is this additional change in getBugsForSourcePackage:
>
> AND bugs.name = st.bug_name
> - AND bugs.name NOT LIKE 'DSA-%'
> + AND bugs.name LIKE 'CVE-%'
right, cool! maybe LIKE ('CVE-%' OR 'TEMP-%') ?? Or are those really never
used?
> GROUP BY bugs.name, bugs.description, sp.name)
>
> Can you make these changes, test again, and commit? I can then
> activate them on soler.
I've done so now, thanks for your review and pushing them to soler!
Please also close this bug then.
> And thanks a lot for working on this!
my pleasure! It felt good to come up with this patch! :-)
cheers,
Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.