1 |
Use a regular expression to search for CVE ids in GLSA references. |
2 |
Import unicode_literals from __future__ since portage's Glsa class |
3 |
returns unicode strings for all python versions. |
4 |
|
5 |
Reported-by: Georg Weiss <gentoo@××××××××××.de> |
6 |
Bug: https://bugs.gentoo.org/692134 |
7 |
Signed-off-by: Zac Medico <zmedico@g.o> |
8 |
--- |
9 |
bin/glsa-check | 11 +++++++++-- |
10 |
1 file changed, 9 insertions(+), 2 deletions(-) |
11 |
|
12 |
diff --git a/bin/glsa-check b/bin/glsa-check |
13 |
index 95ef16fde..6bb2ee21e 100755 |
14 |
--- a/bin/glsa-check |
15 |
+++ b/bin/glsa-check |
16 |
@@ -2,9 +2,10 @@ |
17 |
# Copyright 1999-2019 Gentoo Authors |
18 |
# Distributed under the terms of the GNU General Public License v2 |
19 |
|
20 |
-from __future__ import print_function |
21 |
+from __future__ import print_function, unicode_literals |
22 |
|
23 |
import argparse |
24 |
+import re |
25 |
import sys |
26 |
import codecs |
27 |
from functools import reduce |
28 |
@@ -204,7 +205,13 @@ def summarylist(myglsalist, fd1=sys.stdout, fd2=sys.stderr, encoding="utf-8"): |
29 |
|
30 |
fd1.write(")") |
31 |
if list_cve: |
32 |
- fd1.write(" "+(",".join([r[:13] for r in myglsa.references if r[:4] in ["CAN-", "CVE-"]]))) |
33 |
+ cve_ids = [] |
34 |
+ for r in myglsa.references: |
35 |
+ m = re.search(r'(CAN|CVE)-[\d-]+', r) |
36 |
+ if m is not None: |
37 |
+ cve_ids.append(m.group(0)) |
38 |
+ if cve_ids: |
39 |
+ fd1.write(" "+(",".join(cve_ids))) |
40 |
fd1.write("\n") |
41 |
return 0 |
42 |
|
43 |
-- |
44 |
2.21.0 |