Hi, Michael S Gilbert wrote: > > hello, i've noticed that embedded code copies can be troublesome to > track, so i've developed a script that automatically adds TODOs for > known code copies to the CVE list.
Nice, thanks. Some time ago I wrote bin/embedded-cleanup which performs some syntax checking and looks for not-existing packages. It would be great if anyone modifying embedded-code-copies run it and help reduce the number of issues it detects. It's current output is: Non-existing package 'gpdf', line:31 Non-existing package 'pdfkit.framework', line:44 Non-existing package 'enblend-fuse', line:130 Non-existing package 'gadu', line:141 Non-existing package 'mozilla-firefox', line:159 Non-existing package 'mozilla-thunderbird', line:160 Non-existing package 'krb4', line:178 Malformed line (195) detected: '- atheme-services' Malformed line (196) detected: '- libbsd-arc4random-perl' Malformed line (197) detected: '- isakmpd' Non-existing package 'usermin', line:242 Non-existing package 'usermin', line:243 Non-existing package 'mad', line:277 Non-existing package 'python-beautifulsoup', line:309 Non-existing package 'evince-gtk', line:431 Non-existing package 'libpawlib2-lesstif', line:435 Non-existing package 'claws-mail-html2-viewer', line:439 Non-existing package 'libpawlib2-lesstif', line:442 Non-existing package 'magic', line:622 Non-existing package 'auth2db-frontend', line:650 Non-existing package 'hobbix', line:667 Non-existing package 'gforge-plugins-extra', line:798 Non-existing package 'claws-mail-vcalendar-plugin', line:804 Non-existing package 'icedove:', line:880 Non-existing package 'firefox', line:885 Non-existing package 'firefox-3.0', line:887 Non-existing package 'firefox-3.1', line:889 Non-existing package 'seamonkey', line:891 Non-existing package 'thunderbird', line:893 Non-existing package 'mozilla-thunderbird', line:895 The firefox, seamonkey and thunderbird ones come from Ubuntu, which seems a bit odd to me that we are tracking them. All the script requires is a an alioth account so that it can query UDD to get the list of packages per release. Michael: by the way, the translate hash of my script may help a bit yours, but we should in general find a better approach. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
