On Tue, Feb 27, 2018 at 10:55:25AM +0100, Raphael Hertzog wrote: > On Mon, 26 Feb 2018, Bastian Blank wrote: > > On Sun, Feb 25, 2018 at 09:54:27PM +0100, Raphael Hertzog wrote: > > > Are you suggesting that it should be possible to store our own data > > > in another git repository and that the tracker should be easily able to > > > merge the data coming from two distincts repositories ? > > I've got patches somewhere that do exactly this. > Nice! Can you try to dig them out? We could then try to merge them > in the official tracker and write some documentatin on how to do this.
I attached the patch that we used to integrate information about the super-lts we did for a customer. /CVE-CUSTOMER/list would get information about ignored CVE and is merged into the information read from /CVE/list. /CVE/list was a symlink to the Debian security tracker svn. /CUSTOMER/list we used for information about security updates and EOL markers. Bastian -- Ahead warp factor one, Mr. Sulu.
commit cfc7675b9dac2034cf5fc671653792e8b48dd4db Author: Bastian Blank <bastian.bl...@credativ.de> Date: Wed Mar 23 10:51:02 2016 +0100 Add support for CUSTOMER bugs and CVE extends diff --git a/lib/python/bugs.py b/lib/python/bugs.py index 7258be7..d4d8a0d 100644 --- a/lib/python/bugs.py +++ b/lib/python/bugs.py @@ -299,6 +299,28 @@ class Bug(BugBase): nts.append(notes[key]) self.notes = nts +class BugExtend(Bug): + def writeDB(self, cursor): + """Writes the record to an SQLite3 database.""" + + for (typ, c) in self.comments: + cursor.execute("""INSERT INTO bugs_notes + (bug_name, typ, comment) VALUES (?, ?, ?)""", + (self.name, typ, c)) + + for n in self.notes: + n.writeDB(cursor, self.name) + + import apsw + for x in self.xref: + try: + cursor.execute("""INSERT INTO bugs_xref + (source, target) VALUES (?, ?)""", + (self.name, x)) + except apsw.ConstraintError: + raise ValueError, \ + "cross reference to %s appears multiple times" % x + class BugFromDB(Bug): def __init__(self, cursor, name): assert type(name) in types.StringTypes @@ -440,6 +462,9 @@ class FileBase(debian_support.PackageFile): debian_support.PackageFile.__init__(self, name, fileObj) self.removed_packages = {} + def isExtend(self, name): + return False + def isUniqueName(self, name): """Returns True if the name is a real, unique name.""" return True @@ -723,7 +748,11 @@ class FileBase(debian_support.PackageFile): if first_bug: break record_name = temp_bug_name(first_bug, description) - yield self.finishBug(Bug(self.file.name, first_lineno, date, + if self.isExtend(record_name): + cls = BugExtend + else: + cls = Bug + yield self.finishBug(cls(self.file.name, first_lineno, date, record_name, description, comments, notes=pkg_notes, xref=xref)) @@ -768,6 +797,12 @@ class CVEFile(FileBase): bug.mergeNotes() return bug +class CVECUSTOMERFile(CVEFile): + re_cve = re.compile(r'^(CVE-\d{4}-(?:\d{4,}|XXXX)|TEMP-\d+-\S+)\s+(.*?)\s*$') + + def isExtend(self, name): + return True + class DSAFile(FileBase): """A DSA file. @@ -809,6 +844,11 @@ class DSAFile(FileBase): bug.mergeNotes() return bug +class CUSTOMERFile(DSAFile): + re_dsa = re.compile(r'^\[(\d\d) ([A-Z][a-z][a-z]) (\d{4})\] ' + + r'(CUSTOMER-\d+(?:-\d+)?)\s+' + + r'(.*?)\s*$') + class DLAFile(FileBase): """A DLA file. diff --git a/lib/python/security_db.py b/lib/python/security_db.py index e018fff..66032aa 100644 --- a/lib/python/security_db.py +++ b/lib/python/security_db.py @@ -908,9 +908,11 @@ class DB: source_removed_packages = '/packages/removed-packages' sources = ((bugs.CVEFile, '/CVE/list'), + (bugs.CVECUSTOMERFile, '/CVE-CUSTOMER/list'), (bugs.DSAFile, '/DSA/list'), (bugs.DTSAFile, '/DTSA/list'), (bugs.DLAFile, '/DLA/list'), + (bugs.CUSTOMERFile, '/CUSTOMER/list'), (None, source_removed_packages)) unchanged = True @@ -963,7 +965,7 @@ class DB: old_source = '' for source, target in list(cursor.execute( """SELECT source, target FROM bugs_xref - WHERE (source LIKE 'DTSA-%' OR source LIKE 'DSA-%' OR source LIKE 'DLA-%') + WHERE (source LIKE 'DTSA-%' OR source LIKE 'DSA-%' OR source LIKE 'DLA-%' OR source LIKE 'CUSTOMER-%') AND target LIKE 'CVE-%'""")): if source <> old_source: source_bug = bugs.BugFromDB(cursor, source) @@ -1846,7 +1848,7 @@ class DB: """SELECT bugs.name, bugs.description FROM bugs, package_notes as p WHERE p.bug_name = bugs.name - AND ( bugs.name LIKE 'DSA-%' OR bugs.name LIKE 'DLA-%') + AND ( bugs.name LIKE 'DSA-%' OR bugs.name LIKE 'DLA-%' OR bugs.name LIKE 'CUSTOMER-%' ) AND p.package = ? ORDER BY bugs.release_date DESC""", (package,)): yield DSAsForSourcePackage(*row)