[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#759727: patches for including LTS into security-tracker.d.o

Hi Florian,

On Sonntag, 31. August 2014, Florian Weimer wrote:
> * Holger Levsen:
> > -# security_db.py -- simple, CVE-driven Debian security bugs database
> > +# lts_db.py -- simple, CVE-driven Debian security bugs database
> This change appears unnecessary.

right (ouch)
> > -	    AND sp.subrelease <> 'security'
> > +	    AND sp.subrelease <> 'security' AND p.subrelease <> 'lts'
> This is a typo, should be "sp.subrelease" twice.


> If you look at <>,
> you will see that DLA-40-1 is listed under "Open issues".  This is
> incorrect, DLAs should never be listed there.
> I believe the fix is this additional change in getBugsForSourcePackage:
>              AND bugs.name = st.bug_name
> -            AND bugs.name NOT LIKE 'DSA-%'
> +            AND bugs.name LIKE 'CVE-%'

right, cool! maybe LIKE ('CVE-%' OR 'TEMP-%') ?? Or are those really never 

>              GROUP BY bugs.name, bugs.description, sp.name)
> Can you make these changes, test again, and commit?  I can then
> activate them on soler.

I've done so now, thanks for your review and pushing them to soler!

Please also close this bug then.

> And thanks a lot for working on this!

my pleasure! It felt good to come up with this patch! :-)


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: