Control: tag -1 + patch On Tue, Feb 11, 2014 at 04:00:45PM -0300, Antonio Terceiro wrote: > On Sat, Feb 08, 2014 at 11:31:27AM +0100, Salvatore Bonaccorso wrote: > > Hi Antonio, > > > > On Thu, Oct 24, 2013 at 09:49:19AM -0300, Antonio Terceiro wrote: > > > It would be nice if someone familiar with the codebase could write up > > > instructions on how to do that. > > > > Actually at the Security Team meeting we are working now on this. > > Mainly if you want to set up a testinstance of the security tracker is > > doing the three steps: > > > > make update-packages > > make all > > make serve > > that worked just fine, thanks! :-) now the patches :-) the first one just sets some whitespace right in bin/tracker_service.py, and the second one is the actual implementation of a "Vulnerability summary" for a given source package. -- Antonio Terceiro <terceiro@debian.org>
From d3ac0a9682ebc1538a083fb92c5b7101a53646ca Mon Sep 17 00:00:00 2001
From: Antonio Terceiro <terceiro@softwarelivre.org>
Date: Tue, 11 Feb 2014 16:13:44 -0300
Subject: [PATCH 1/2] tracker_service: remove spurious whitespace
---
 bin/tracker_service.py | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/bin/tracker_service.py b/bin/tracker_service.py
index 455ea9b..c0879a0 100644
--- a/bin/tracker_service.py
+++ b/bin/tracker_service.py
@@ -93,7 +93,8 @@ h3 { font-size : 100%; }
 table { padding-left : 1.5em }
 td, th { text-align : left;
- padding-left : 0.25em;
+ padding-left : 0.25em;
+ padding-left : 0.25em;
 padding-right : 0.25em; }
 td { vertical-align: baseline }
 span.red { color: red; }
@@ -1174,9 +1175,9 @@ Debian bug number.'''),
 "Testing Security Team"),
 " - ", A(url.absolute("http://www.debian.org/security/"),
 "Debian Security"),
- " - ", A(url.absolute("http://anonscm.debian.org/viewvc/secure-testing/bin/tracker_service.py?view=markup"),
- "Source"),
- " ", A(url.absolute("svn://anonscm.debian.org/secure-testing"), "(SVN)"),
+ " - ", A(url.absolute("http://anonscm.debian.org/viewvc/secure-testing/bin/tracker_service.py?view=markup"),
+ "Source"),
+ " ", A(url.absolute("svn://anonscm.debian.org/secure-testing"), "(SVN)"),
 ))
 if search_in_page:
 on_load = "selectSearch()"
@@ -1324,7 +1325,8 @@ Debian bug number.'''),
 return SPAN(contents, _class="red")
 def make_purple(self, contents):
- return SPAN(contents, _class="purple")
+ return SPAN(contents, _class="purple")
+ return SPAN(contents, _class="purple")
 def make_dangerous(self, contents):
 return SPAN(contents, _class="dangerous")
--
1.9.0.rc3
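Review bot: The first and third hunks each add the same line twice, `padding-left : 0.25em;` in the CSS block and `return SPAN(contents, _class="purple")` in `make_purple`, and both hunk headers grow from 7 to 8 lines. For a change described as whitespace-only, each of those should replace one line with one line; as posted, the second `return` is unreachable and the CSS declaration is repeated. This may be an artefact of how the patch was generated or archived, so it is worth regenerating it and checking that the diffstat shows equal insertions and deletions. The class enclosing `make_purple` starts outside the hunk.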
From 8d31c637e78a9c224426e2baef5a7d094a6857c0 Mon Sep 17 00:00:00 2001
From: Antonio Terceiro <terceiro@softwarelivre.org>
Date: Tue, 11 Feb 2014 18:55:27 -0300
Subject: [PATCH 2/2] Vulnerabitily summary for packages
---
 bin/tracker_service.py | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
diff --git a/bin/tracker_service.py b/bin/tracker_service.py
index c0879a0..5df25ba 100644
--- a/bin/tracker_service.py
+++ b/bin/tracker_service.py
@@ -99,6 +99,7 @@ td, th { text-align : left;
 td { vertical-align: baseline }
 span.red { color: red; }
 span.purple { color: purple; }
+span.green { color: green; }
 span.dangerous { color: rgb(191,127,0); }
 """),
 SCRIPT('''var old_query_value = "";
@@ -546,6 +547,34 @@ to improve our documentation and procedures, so feedback is welcome.""")])])
 for (bug, description) in lst:
 yield self.make_xref(url, bug), description
+ suites = ()
+ for (releases, version) in self.db.getSourcePackageVersions(
+ self.db.cursor(), pkg):
+ for r in releases:
+ if r not in suites:
+ suites = suites + (r,)
+
+ def gen_summary(bugs):
+ for (bug, description) in bugs:
+ status = {}
+ for (package, releases, version, vulnerable) \
+ in self.db.getSourcePackages(self.db.cursor(), bug):
+ for release in releases:
+ if package == pkg:
+ if vulnerable == 1:
+ status[release] = self.make_red('vulnerable')
+ elif vulnerable == 2:
+ status[release] = self.make_purple('undetermined')
+ else:
+ status[release] = self.make_green('fixed')
+ status_row = ()
+ for release in suites:
+ if release in status:
+ status_row = status_row + (status[release],)
+ else:
+ status_row = status_row + (self.make_purple('unknown'),)
+ yield (self.make_xref(url, bug),) + status_row
+
 return self.create_page(
 url, 'Information on source package ' + pkg,
 [make_menu(lambda x: x,
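Review bot: In `gen_summary`, the final `else:` renders every `vulnerable` value other than 1 or 2 as `fixed`, so an unexpected or missing value is shown in green on a page people read to decide whether a package needs patching. Matching the fixed case explicitly and falling back to the cautious label would be safer: `elif vulnerable == 0:` for `self.make_green('fixed')`, then `else: status[release] = self.make_purple('undetermined')`. That assumes 0 is the not-vulnerable value, which the hunk does not show. `status[release]` is also overwritten whenever `getSourcePackages` returns more than one row for the same release, so a later row could replace a `vulnerable` entry; keeping the worst status seen per release would avoid that. The enclosing page method starts and ends outside the hunk.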
@@ -558,6 +587,17 @@ to improve our documentation and procedures, so feedback is welcome.""")])])
 H2('Available versions'),
 make_table(gen_versions(), caption=('Release', 'Version')),
+ H2('Vulnerability summary'),
+
+ make_table(
+ gen_summary(
+ # open issues
+ self.db.getBugsForSourcePackage(
+ self.db.cursor(), pkg, True, False),
+ ),
+ caption=('CVE',) + suites
+ ),
+
 H2('Open issues'),
 make_table(gen_bug_list(self.db.getBugsForSourcePackage
 (self.db.cursor(), pkg, True, False)),
@@ -1328,6 +1368,9 @@ Debian bug number.'''),
 return SPAN(contents, _class="purple")
 return SPAN(contents, _class="purple")
+ def make_green(self, contents):
+ return SPAN(contents, _class="green")
+
 def make_dangerous(self, contents):
 return SPAN(contents, _class="dangerous")
--
1.9.0.rc3
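Review bot: The new table calls `self.db.getBugsForSourcePackage(self.db.cursor(), pkg, True, False)` a second time, just before the existing 'Open issues' table makes the identical call, and `gen_summary` then issues one `getSourcePackages` query per bug. On a publicly served page that is noticeably more database work for packages with many open issues. Fetching the open bugs once, e.g. `open_bugs = list(self.db.getBugsForSourcePackage(self.db.cursor(), pkg, True, False))`, and passing that list to both generators also guarantees the two tables show the same set. The caption `'CVE'` presumably labels a column that can hold non-CVE identifiers as well, in which case a neutral label such as `'Issue'` would be more accurate. The `create_page` call continues outside the hunk.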