1 |
commit: ea1e8468c971e99dc317c3f2e8d8242366ffb426 |
2 |
Author: Zac Medico <zmedico <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Sep 1 03:54:54 2019 +0000 |
4 |
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Sep 1 17:56:20 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=ea1e8468 |
7 |
|
8 |
glsa-check: fix truncated CVE ids in listmode (bug 692134) |
9 |
|
10 |
Use a regular expression to search for CVE ids in GLSA references. |
11 |
Import unicode_literals from __future__ since portage's Glsa class |
12 |
returns unicode strings for all python versions. |
13 |
|
14 |
Reported-by: Georg Weiss <gentoo <AT> georgweiss.de> |
15 |
Bug: https://bugs.gentoo.org/692134 |
16 |
Signed-off-by: Zac Medico <zmedico <AT> gentoo.org> |
17 |
|
18 |
bin/glsa-check | 11 +++++++++-- |
19 |
1 file changed, 9 insertions(+), 2 deletions(-) |
20 |
|
21 |
diff --git a/bin/glsa-check b/bin/glsa-check |
22 |
index 95ef16fde..6bb2ee21e 100755 |
23 |
--- a/bin/glsa-check |
24 |
+++ b/bin/glsa-check |
25 |
@@ -2,9 +2,10 @@ |
26 |
# Copyright 1999-2019 Gentoo Authors |
27 |
# Distributed under the terms of the GNU General Public License v2 |
28 |
|
29 |
-from __future__ import print_function |
30 |
+from __future__ import print_function, unicode_literals |
31 |
|
32 |
import argparse |
33 |
+import re |
34 |
import sys |
35 |
import codecs |
36 |
from functools import reduce |
37 |
@@ -204,7 +205,13 @@ def summarylist(myglsalist, fd1=sys.stdout, fd2=sys.stderr, encoding="utf-8"): |
38 |
|
39 |
fd1.write(")") |
40 |
if list_cve: |
41 |
- fd1.write(" "+(",".join([r[:13] for r in myglsa.references if r[:4] in ["CAN-", "CVE-"]]))) |
42 |
+ cve_ids = [] |
43 |
+ for r in myglsa.references: |
44 |
+ m = re.search(r'(CAN|CVE)-[\d-]+', r) |
45 |
+ if m is not None: |
46 |
+ cve_ids.append(m.group(0)) |
47 |
+ if cve_ids: |
48 |
+ fd1.write(" "+(",".join(cve_ids))) |
49 |
fd1.write("\n") |
50 |
return 0 |