Patchwork [kteam-tools] cve-tracker: speed up CVE linkage, add more verbose output

login
register
mail settings
Submitter Kees Cook
Date June 6, 2011, 6:56 p.m.
Message ID <20110606185601.GE25507@outflux.net>
Download mbox | patch
Permalink /patch/98993/
State New
Headers show

Comments

Kees Cook - June 6, 2011, 6:56 p.m.
We cannot safely use linkCVE due to LP: #439470. Instead, use comment
work-around to trigger attachment. Add more verbose output messages too.

Signed-off-by: Kees Cook <kees.cook@canonical.com>
---
 stable/create-cve-tracker |   15 +++++++--------
 1 files changed, 7 insertions(+), 8 deletions(-)
Brad Figg - June 6, 2011, 7:25 p.m.
On 06/06/2011 11:56 AM, Kees Cook wrote:
> We cannot safely use linkCVE due to LP: #439470. Instead, use comment
> work-around to trigger attachment. Add more verbose output messages too.
>
> Signed-off-by: Kees Cook<kees.cook@canonical.com>
> ---
>   stable/create-cve-tracker |   15 +++++++--------
>   1 files changed, 7 insertions(+), 8 deletions(-)
>
> diff --git a/stable/create-cve-tracker b/stable/create-cve-tracker
> index 67af11e..16a8be2 100755
> --- a/stable/create-cve-tracker
> +++ b/stable/create-cve-tracker
> @@ -183,18 +183,15 @@ class CreateCveTracker(StdApp):
>                       print("https://bugs.launchpad.net/bugs/%s" % (bug.id))
>
>                   try:
> +                    self.verbose("Updating tags ...\n")
>                       bug.tags.append('kernel-cve-tracking-bug')
> +                    self.verbose("Marking as security ...\n")
>                       bug.security_related = True
>
>                       # Link the appropriate cve to the bug
> -                    #
> -                    found = False
> -                    for cve in self.lp.launchpad.cves:
> -                        if title in cve.display_name:
> -                            found = True
> -                            break
> -                    if found:
> -                        bug.lpbug.linkCVE(cve=cve)
> +                    # Cannot safely use 'linkCVE' due to LP: #439470
> +                    self.verbose("Linking to %s ..." % (title))
> +                    bug.add_comment(content=title)
>
>                       lp = self.lp.launchpad
>                       ubuntu = lp.distributions["ubuntu"]
> @@ -203,7 +200,9 @@ class CreateCveTracker(StdApp):
>                       self.verbose("Adding additional packages")
>                       pkgs = ['linux-fsl-imx51', 'linux-mvl-dove', 'linux-lts-backport-maverick', 'linux-ti-omap4']
>                       for p in pkgs:
> +                        self.verbose("Finding source package '%s' ..." % (p))
>                           pkg = ubuntu.getSourcePackage(name=p)
> +                        self.verbose("Adding bug task for '%s' ..." % (p))
>                           t = bug.lpbug.addTask(target=pkg)
>
>                       # Nominate for all active series

Applied and pushed.

Patch

diff --git a/stable/create-cve-tracker b/stable/create-cve-tracker
index 67af11e..16a8be2 100755
--- a/stable/create-cve-tracker
+++ b/stable/create-cve-tracker
@@ -183,18 +183,15 @@  class CreateCveTracker(StdApp):
                     print("https://bugs.launchpad.net/bugs/%s" % (bug.id))
 
                 try:
+                    self.verbose("Updating tags ...\n")
                     bug.tags.append('kernel-cve-tracking-bug')
+                    self.verbose("Marking as security ...\n")
                     bug.security_related = True
 
                     # Link the appropriate cve to the bug
-                    #
-                    found = False
-                    for cve in self.lp.launchpad.cves:
-                        if title in cve.display_name:
-                            found = True
-                            break
-                    if found:
-                        bug.lpbug.linkCVE(cve=cve)
+                    # Cannot safely use 'linkCVE' due to LP: #439470
+                    self.verbose("Linking to %s ..." % (title))
+                    bug.add_comment(content=title)
 
                     lp = self.lp.launchpad
                     ubuntu = lp.distributions["ubuntu"]
@@ -203,7 +200,9 @@  class CreateCveTracker(StdApp):
                     self.verbose("Adding additional packages")
                     pkgs = ['linux-fsl-imx51', 'linux-mvl-dove', 'linux-lts-backport-maverick', 'linux-ti-omap4']
                     for p in pkgs:
+                        self.verbose("Finding source package '%s' ..." % (p))
                         pkg = ubuntu.getSourcePackage(name=p)
+                        self.verbose("Adding bug task for '%s' ..." % (p))
                         t = bug.lpbug.addTask(target=pkg)
 
                     # Nominate for all active series