Hi, On Fri, Dec 17, 2021 at 11:57:34AM +0000, Neil Williams wrote: > https://salsa.debian.org/codehelp/security-tracker/-/commit/2df53b5421cde0c7b1b2dd3343d71aebde2d55b7 > > https://salsa.debian.org/codehelp/security-tracker/-/raw/grabcvefix/bin/grab-cve-in-fix > > Dependencies: python3-debian > > Usage: Download from the raw link as bin/grab-cve-in-fix and make it > executable. > > ./bin/grab-cve-in-fix --help > > usage: grab-cve-in-fix [-h] [[--email EMAIL] | [--tracker TRACKER]] | [[--src > SRC] & [--cves [CVES ...]]] > > Grab CVE data from a package upload for manual review > > optional arguments: > -h, --help show this help message and exit > > Online - query either the distro-tracker or debian-devel-changes mail archive: > --email EMAIL URL of debian-devel-changes announcement in the list > archive > --tracker TRACKER URL of tracker.debian.org 'Accepted NEWS' page for > unstable > > Offline - run 'make update-packages' first & specify source package and CVE > list: > --src SRC Source package name to look up version in local packages > files > --cves [CVES ...] CVE ID tag with version from local packages files > > Data is written to a new <source_package>.list file which can be used with > './bin/merge-cve-files' > > > Examples: > > ./bin/grab-cve-in-fix --src freerdp2 --cve CVE-2021-41160 > > ./bin/grab-cve-in-fix --tracker > https://tracker.debian.org/news/1285227/accepted-freerdp2-241dfsg1-1-source-into-unstable/ > > ./bin/grab-cve-in-fix --email > https://lists.debian.org/debian-devel-changes/2021/12/msg01280.html > > (For these specific examples, data/CVE/list for CVE-2021-41160 would need to > be altered, say to <unfixed>, locally.)
Nice! I will need (or want) to try to experiment with it a bit on apparing real cases. Regards, Salvatore