(opt, args) = parser.parse_args()
cves = dict()
config = cve_lib.read_config()
changed = False
dbfile = None
if len(args) < 1:
dbfile = config['usn_db_copy']
else:
dbfile = args[0]
if opt.debug:
print("Loading %s ..." % (dbfile), file=sys.stderr)
db = usn_lib.load_database(dbfile)
if len(args) < 2:
usns = sorted(db, key=lambda a: list(map(int, a.split('-'))))
else:
usns = args[1:]
for usn in usns:
if opt.debug:
print('Checking %s' % (usn), file=sys.stderr)
# Validate required fields
for field in ['description', 'title', 'summary']:
if field not in db[usn]:
raise ValueError("USN %s missing '%s' field" % (usn, field))
action="store_true")
parser.add_option("--priority",
help="Report only CVEs with a matching priority",
action="store",
metavar="PRIORITY")
parser.add_option("--action",
help="Change report style ('list'(default), 'plot'",
action="store",
metavar="ACTION",
default='list')
(opt, args) = parser.parse_args()
if not os.path.exists(opt.db):
print("Cannot read %s" % (opt.db), file=sys.stderr)
sys.exit(1)
db = usn_lib.load_database(opt.db)
releases = cve_lib.releases
for eol in cve_lib.eol_releases:
if eol in releases:
releases.remove(eol)
if opt.skip_devel and len(cve_lib.devel_release) > 0:
releases.remove(cve_lib.devel_release)
if opt.only_devel:
releases = [cve_lib.devel_release]
# Global CVE info cache
info = dict()
release = None
if args.git_stage:
if not args.update:
print('--git-stage option requires --update as well, exiting',
file=sys.stderr)
exit(1)
if not cve_lib.git_is_tree_clean(debug=True):
print(
'Please commit or stash your existing changes to UCT first. Aborting.',
file=sys.stderr)
exit(1)
if args.debug:
print("Loading %s ..." % (args.database), file=sys.stderr)
reverted = usn_lib.get_reverted()
ignored_description = usn_lib.get_ignored_description()
db = usn_lib.load_database(args.database)
usnlist = [args.usn]
if not args.usn:
usnlist = db
def extract_cve_descriptions(usn, usnnum):
descriptions = dict()
cves = set()
for cve in usn.get('cves', []):
if cve.startswith('CVE-'):
cves.add(cve)
if len(cves) == 0:
return descriptions
try:
"--cve-multiply",
help="Multiply USN counts by number of CVEs updated for that USN",
action='store_true',
default=False)
(opt, args) = parser.parse_args()
if opt.target not in ['usn', 'src', 'bin', 'cve']:
print >> sys.stderr, "Unknown target '%s'" % (opt.target)
sys.exit(1)
config = cve_lib.read_config()
db = None
db_filename = config['usn_db_copy']
if len(args) > 0:
db_filename = args.pop(0)
db = usn_lib.load_database(db_filename)
columns = ['total', 'untriaged'] + cve_lib.priorities
cves = dict()
if opt.target == 'cve':
cve_lib.read_config()
months = dict()
month_cves = dict()
for usn in sorted(db.keys()):
when = time.strftime('%Y-%m', time.gmtime(int(db[usn]['timestamp'])))
months.setdefault(when, dict())
for column in columns:
months[when].setdefault(column, 0)
month_cves.setdefault(when, 0)
help="When using --report, shows releases for each reported USN",
action='store_true')
(opt, args) = parser.parse_args()
cves = dict()
if len(args) < 2:
print >> sys.stderr, "Usage: %s IN-PICKLE OUT-PICKLE" % (sys.argv[0])
sys.exit(1)
db_in = args[0]
db_out = args[1]
if opt.debug:
print >> sys.stderr, "Loading %s ..." % (db_in)
db = usn_lib.load_database(db_in)
usns = sorted(db, key=lambda a: map(int, a.split('-')))
for usn in usns:
if opt.debug:
print >> sys.stderr, 'Checking %s' % (usn)
supported = False
eol = []
for rel in sorted(db[usn]['releases']):
eol.append(rel)
# Logic is a bit side-ways here to account for releases that cve_lib
# doesn't even admit to knowing about.
if rel in releases and (is_active_release(rel)
or is_active_esm_release(rel)):
supported = True
