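# Parse the command line: an optional args[0] names the USN database file and
# any remaining arguments are the USN ids to check.
(opt, args) = parser.parse_args()
cves = dict()
config = cve_lib.read_config()
changed = False

# Fall back to the configured database copy when no path is given.
dbfile = None
if len(args) < 1:
    dbfile = config['usn_db_copy']
else:
    dbfile = args[0]

if opt.debug:
    print("Loading %s ..." % (dbfile), file=sys.stderr)
# NOTE(review): load_database() lives in usn_lib and is not visible here.
# If it unpickles the file, a tampered database can run code in this process;
# confirm the format and load only databases from a trusted source.
db = usn_lib.load_database(dbfile)

# With no USN ids on the command line, check every entry, ordered numerically
# by the dash-separated parts of the id.
if len(args) < 2:
    usns = sorted(db, key=lambda a: list(map(int, a.split('-'))))
else:
    usns = args[1:]

for usn in usns:
    if opt.debug:
        print('Checking %s' % (usn), file=sys.stderr)

    # Ids taken from the command line may not exist in the database; say so
    # explicitly instead of failing with a bare KeyError on db[usn] below.
    if usn not in db:
        raise ValueError("USN %s not found in %s" % (usn, dbfile))

    # Validate required fields
    for field in ['description', 'title', 'summary']:
        if field not in db[usn]:
            raise ValueError("USN %s missing '%s' field" % (usn, field))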
# NOTE: this excerpt opens on the tail of an option definition that starts
# before the visible text.
action="store_true")
parser.add_option("--priority",
                  help="Report only CVEs with a matching priority",
                  action="store", metavar="PRIORITY")
parser.add_option("--action",
                  help="Change report style ('list'(default), 'plot'",
                  action="store", metavar="ACTION", default='list')
(opt, args) = parser.parse_args()

# Stop early when the database path does not exist.
if not os.path.exists(opt.db):
    print("Cannot read %s" % (opt.db), file=sys.stderr)
    sys.exit(1)

# NOTE(review): load_database() is defined in usn_lib and not visible here.
# If it unpickles the file, only databases from a trusted source should be
# passed via opt.db, since unpickling can execute code.
db = usn_lib.load_database(opt.db)

# Narrow the release list to the releases being reported on.  `releases` is
# bound to the same object as cve_lib.releases, so the remove() calls below
# also alter cve_lib.releases for the rest of the run.
releases = cve_lib.releases
for eol in cve_lib.eol_releases:
    if eol in releases:
        releases.remove(eol)
# NOTE(review): unlike the EOL loop above, this remove() is not guarded by a
# membership test and would raise ValueError if the devel release is no longer
# in the list; confirm that cannot happen.
if opt.skip_devel and len(cve_lib.devel_release) > 0:
    releases.remove(cve_lib.devel_release)
if opt.only_devel:
    releases = [cve_lib.devel_release]

# Global CVE info cache
info = dict()
release = None
# --git-stage is only accepted together with --update and with a clean tree.
# NOTE(review): exit() is the helper installed by the site module; sys.exit()
# is the usual choice in scripts.
if args.git_stage:
    if not args.update:
        print('--git-stage option requires --update as well, exiting',
              file=sys.stderr)
        exit(1)
    if not cve_lib.git_is_tree_clean(debug=True):
        print(
            'Please commit or stash your existing changes to UCT first. Aborting.',
            file=sys.stderr)
        exit(1)

if args.debug:
    print("Loading %s ..." % (args.database), file=sys.stderr)
reverted = usn_lib.get_reverted()
ignored_description = usn_lib.get_ignored_description()
# NOTE(review): load_database() is defined in usn_lib and not visible here.
# If it unpickles the file, args.database must come from a trusted source,
# since unpickling can execute code.
db = usn_lib.load_database(args.database)

# Process the single USN given on the command line, or, when none was given,
# iterate over the whole database.
usnlist = [args.usn]
if not args.usn:
    usnlist = db


# Only the start of this function is visible.  The visible part gathers the
# entries of usn['cves'] that start with 'CVE-' and returns the empty
# `descriptions` dict when there are none.
def extract_cve_descriptions(usn, usnnum):
    descriptions = dict()
    cves = set()
    for cve in usn.get('cves', []):
        if cve.startswith('CVE-'):
            cves.add(cve)
    if len(cves) == 0:
        return descriptions
    try:
# NOTE: this excerpt opens inside an option definition that starts before the
# visible text.
"--cve-multiply",
help="Multiply USN counts by number of CVEs updated for that USN",
action='store_true',
default=False)
(opt, args) = parser.parse_args()

# Reject any report target other than the four listed here.
if opt.target not in ['usn', 'src', 'bin', 'cve']:
    print >> sys.stderr, "Unknown target '%s'" % (opt.target)
    sys.exit(1)

# The database path defaults to the configured copy; a first positional
# argument, if present, overrides it and is consumed from args.
config = cve_lib.read_config()
db = None
db_filename = config['usn_db_copy']
if len(args) > 0:
    db_filename = args.pop(0)
# NOTE(review): load_database() is defined in usn_lib and not visible here.
# If it unpickles the file, db_filename must point at a trusted database,
# since unpickling can execute code.
db = usn_lib.load_database(db_filename)

columns = ['total', 'untriaged'] + cve_lib.priorities
cves = dict()
# NOTE(review): the return value is discarded and the config was already read
# above; presumably this is called for a side effect. Confirm.
if opt.target == 'cve':
    cve_lib.read_config()

# Pre-create one bucket per calendar month (UTC, via time.gmtime) with every
# column zeroed, plus a per-month CVE counter.
months = dict()
month_cves = dict()
for usn in sorted(db.keys()):
    when = time.strftime('%Y-%m', time.gmtime(int(db[usn]['timestamp'])))
    months.setdefault(when, dict())
    for column in columns:
        months[when].setdefault(column, 0)
    month_cves.setdefault(when, 0)
# NOTE: this excerpt opens inside an option definition that starts before the
# visible text.
help="When using --report, shows releases for each reported USN",
action='store_true')
(opt, args) = parser.parse_args()
cves = dict()

# Both an input and an output database path are required.
if len(args) < 2:
    print >> sys.stderr, "Usage: %s IN-PICKLE OUT-PICKLE" % (sys.argv[0])
    sys.exit(1)
db_in = args[0]
db_out = args[1]

if opt.debug:
    print >> sys.stderr, "Loading %s ..." % (db_in)
# NOTE(review): the usage text names the input a pickle. Unpickling runs code
# contained in the file, so db_in must come from a trusted source; the loader
# itself (usn_lib.load_database) is not visible here.
db = usn_lib.load_database(db_in)

# Order USN ids numerically by their dash-separated parts.  This relies on
# map() returning a list, as it does under the Python 2 that this file's print
# syntax implies; a Python 3 port would need list(map(...)) here.
usns = sorted(db, key=lambda a: map(int, a.split('-')))
for usn in usns:
    if opt.debug:
        print >> sys.stderr, 'Checking %s' % (usn)
    supported = False
    eol = []
    for rel in sorted(db[usn]['releases']):
        eol.append(rel)
        # Logic is a bit side-ways here to account for releases that cve_lib
        # doesn't even admit to knowing about.
        if rel in releases and (is_active_release(rel) or is_active_esm_release(rel)):
            supported = True