Bug#1001883: security-tracker: Issue with merge-cve-files when entry contains as well en experimental tagged upper suite entry

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1001883: security-tracker: Issue with merge-cve-files when entry contains as well en experimental tagged upper suite entry
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 18 Dec 2021 11:00:08 +0100
Message-id: <[🔎] 163982160833.2400589.7651440922206251756.reportbug@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1001883@bugs.debian.org

Package: security-tracker
Severity: normal
X-Debbugs-Cc: carnil@debian.org,pochu@debian.org

Hi

When there is an entry like:

,---- [ data/CVE/list ]
| CVE-2024-1234 [description]
|         [experimental] - foo 1-1
|         - foo 1-2
|         [bullseye] - foo <no-dsa> (Minor issue)
`----

and an entry to be merged:

,---- [ merge.list ]
| CVE-2024-1234
|         [bullseye] - foo 1-2~deb11u1
`----

$ bin/merge-cve-list data/CVE/list merge.list
[...]
AttributeError: 'NoneType' object has no attribute '_order'

Will fail. Even though this is not a standard situation maybe
merge-cve-list can account for this situation as well.

Emilio can you have a look?

Regards,
Salvatore

Reply to:

Prev by Date: Bug#1001453: security-tracker: extend support for bug reporting to update the CVE list with the bug number
Next by Date: Bug#1001451: Candidate script
Previous by thread: Re: Question about stretch json
Next by thread: Bug#1002516: security-tracker: DSA-5000-2 vs. tracker
Index(es):
- Date
- Thread