On Thu, Feb 21, 2019 at 01:51:07PM -0500, Antoine Beaupré wrote: > > -> this script is incorrect/broken for DLAs it seems, as > > https://www.debian.org/lts/security/ does list the DLAs 1677-1681, > > just DLAs 1682-1685 are missing. And they are called DLA-1234 there, > > not "DLA 1234-1"... > Weird. Is your local checkout up to date?
yes > What if you run in debug mode? ~/Projects/debian-www/cron$ ../cron/parts/10-check-advisories --mode DLA --debug 2>&1 | head -50 INFO: fetching URL https://salsa.debian.org/security-tracker-team/security-tracker/raw/master/data/DLA/list DEBUG: Starting new HTTPS connection (1): salsa.debian.org DEBUG: https://salsa.debian.org:443 "GET /security-tracker-team/security-tracker/raw/master/data/DLA/list HTTP/1.1" 200 47253 INFO: checking DLA-1685-1 (2019) ERROR: .data or .wml file missing for DLA 1685-1 DEBUG: skipping line: " {CVE-2019-6338}" DEBUG: skipping line: " [jessie] - drupal7 7.32-1+deb8u15" INFO: checking DLA-1684-1 (2019) ERROR: .data or .wml file missing for DLA 1684-1 DEBUG: skipping line: " {CVE-2019-6454}" DEBUG: skipping line: " [jessie] - systemd 215-17+deb8u10" INFO: checking DLA-1683-1 (2019) ERROR: .data or .wml file missing for DLA 1683-1 DEBUG: skipping line: " {CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798 CVE-2018-8799 CVE-2018-8800 CVE-2018-20174 CVE-2018-20175 CVE-2018-20176 CVE-2018-20177 CVE-2018-20178 CVE-2018-20179 CVE-2018-20180 CVE-2018-20181 CVE-2018-20182}" DEBUG: skipping line: " [jessie] - rdesktop 1.8.4-0+deb8u1" INFO: checking DLA-1660-2 (2019) ERROR: .data or .wml file missing for DLA 1660-2 DEBUG: skipping line: " [jessie] - rssh 2.3.4-4+deb8u3" INFO: checking DLA-1682-1 (2019) ERROR: .data or .wml file missing for DLA 1682-1 DEBUG: skipping line: " {CVE-2018-20721}" DEBUG: skipping line: " [jessie] - uriparser 0.8.0.1-2+deb8u2" INFO: checking DLA-1681-1 (2019) ERROR: .data or .wml file missing for DLA 1681-1 DEBUG: skipping line: " {CVE-2019-7659}" DEBUG: skipping line: " [jessie] - gsoap 2.8.17-1+deb8u2" INFO: checking DLA-1680-1 (2019) ERROR: .data or .wml file missing for DLA 1680-1 DEBUG: skipping line: " {CVE-2018-17000 CVE-2018-19210 CVE-2019-7663}" DEBUG: skipping line: " [jessie] - tiff 4.0.3-12.3+deb8u8" INFO: checking DLA-1679-1 (2019) ERROR: .data or .wml file missing for DLA 1679-1 DEBUG: skipping line: " [jessie] - php5 5.6.40+dfsg-0+deb8u1" INFO: checking DLA-1678-1 (2019) ERROR: .data or .wml file missing for DLA 1678-1 DEBUG: skipping line: " {CVE-2018-18356 CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 CVE-2018-18509 CVE-2019-5785}" DEBUG: skipping line: " [jessie] - thunderbird 1:60.5.1-1~deb8u1" INFO: checking DLA-1677-1 (2019) ERROR: .data or .wml file missing for DLA 1677-1 DEBUG: skipping line: " {CVE-2018-18356 CVE-2019-5785}" DEBUG: skipping line: " [jessie] - firefox-esr 60.5.1esr-1~deb8u1" INFO: checking DLA-1676-1 (2019) ERROR: .data or .wml file missing for DLA 1676-1 DEBUG: skipping line: " {CVE-2017-15105}" DEBUG: skipping line: " [jessie] - unbound 1.4.22-3+deb8u4" INFO: checking DLA-1675-1 (2019) ERROR: .data or .wml file missing for DLA 1675-1 DEBUG: skipping line: " {CVE-2019-6690}" DEBUG: skipping line: " [jessie] - python-gnupg 0.3.6-1+deb8u1" INFO: checking DLA-1674-1 (2019) > > Also, if this merge request would be merged, it would just run it in > > normal, DSA, mode. Do you have a suggestion how to run it in DLA mode? > We could simply change the default here: > > parser.add_argument('--mode', default='DSA', choices=('DSA', 'DLA'), > help='which sort of advisory to check (default: > %(default)s)') # noqa: E501 hmm. (and then, what about missing DSAs?) -- tschau, Holger ------------------------------------------------------------------------------- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
signature.asc
Description: PGP signature
