[Fedora-security-commits] fedora-security/tools/scripts add-cve-bug, 1.1.2.1, 1.1.2.2

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Sun Jan 6 12:48:47 UTC 2008


Author: lkundrak

Update of /cvs/fedora/fedora-security/tools/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17388/scripts

Modified Files:
      Tag: lkundrak-tools-ng
	add-cve-bug 
Log Message:
Started Fedora-specific module, moved some bits in there



Index: add-cve-bug
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/scripts/Attic/add-cve-bug,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- add-cve-bug	6 Jan 2008 03:31:54 -0000	1.1.2.1
+++ add-cve-bug	6 Jan 2008 12:48:45 -0000	1.1.2.2
@@ -28,6 +28,7 @@
 use Getopt::Long;
 use Data::Dumper;
 
+use Libexig::Fedora;
 use Libexig::CVE;
 use Libexig::Bugzilla;
 use Libexig::Util;
@@ -35,43 +36,11 @@
 use warnings;
 use strict;
 
-my %impact = (
-	'critical'	=> 'urgent',
-	'important'	=> 'high',
-	'moderate'	=> 'medium',
-	'low'		=> 'low',
-);
-
-
 # Command line options
 my ($cve, $interactive, $dryrun, $debug,
 	$username, $password, $component, $summary, $impact);
 
-# Get the text to include in the bug desc
-sub bug_desc
-{
-	my $cve = shift;
-	my $desc;
-	my $refs;
-
-	print "Getting a bug description from CVE\n" if $debug;
-
-	($desc, $refs) = cve ($cve);
-
-	die 'Cannot fetch CVE description; re-run with --interactive'
-		unless $desc or $interactive;
-
-	return
-		"Common Vulnerabilities and Exposures assigned an ".
-		"identifier $cve to the following vulnerability:".
-		"\n\n".
-		($desc ? $desc : '(Please paste the CVE details manually)').
-		"\n\n".
-		"References:\n\n".
-		($refs ? join ("\n", @{$refs}) : '(References here, one per line)');
-}
-
-# Parse command line options;
+# Parse command line options
 my %options;
 GetOptions(\%options,
 	'cve=s',
@@ -99,13 +68,26 @@
 $component	= $options{'component'}	or die 'component argument is mandatory';
 $summary	= $options{'summary'}	or die 'summary argument is mandatory';
 $impact		= ($options{'impact'}	or 'low');
-defined $impact{$impact} or die 'specified unrecognized impact value';
+defined $Libexig::Fedora::srt_bz_map{$impact} or die 'specified unrecognized impact value';
 
 $username	= ($options{'username'}	or $ENV{'LOGNAME'}.'@redhat.com');
 $password	= ($options{'password'}	or $dryrun or
 	read_noecho ("Bugzilla password for $username: "));
 	# TODO: add whiteboard option to fill in and get impact from it
 
+# Get CVE details from NVD or user
+
+print "Getting a bug description from CVE\n" if $debug;
+my ($desc, $refs) = cve ($cve);
+
+die 'Cannot fetch CVE description; re-run with --interactive'
+	unless $desc or $interactive;
+
+my $bug_desc = Libexig::Fedora::cve_bug_desc ($cve, $desc, $refs);
+$bug_desc = edit_string ($bug_desc) if $interactive;
+
+# File it in Bugzilla
+
 my $bugzilla = new Libexig::Bugzilla ({
 	'username'	=> $username,
 	'password'	=> $password,
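Review bot: `$cve` reaches `cve ($cve)` and `Libexig::Fedora::cve_bug_desc` in the added block with no format check visible in this hunk; the assignment from `$options{'cve'}` sits above the hunk, so it may already be validated there. If it is not, a guard before the fetch such as `$cve =~ /\ACVE-\d{4}-\d{4,}\z/ or die 'cve argument must look like CVE-YYYY-NNNN';` keeps a mistyped or malformed identifier out of the NVD lookup and out of the bug text. The removed code also built the NVD URL and the bug alias from this value, which presumably now happens inside `cve_bug`, so the check is best done once, in the script, before either module call.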
@@ -113,33 +95,7 @@
 	'debug'		=> $debug,
 });
 
-my $bug_desc = bug_desc ($cve);
-$bug_desc = edit_string ($bug_desc) if $interactive;
-
-# Get CC list
-# TODO: get rid of duplicates
-my @cc;
-foreach (split (/,/,$component)) {
-	push (@cc,$bugzilla->owners ($_));
-}
-
-# File it in Bugzilla
-my %bug = (
-	'bug_file_loc'	=> "http://nvd.nist.gov/nvd.cfm?cvename=$cve",
-	'rep_platform'	=> 'All',
-	'op_sys'	=> 'Linux',
-	'short_desc'	=> "$cve $summary",
-	'keywords'	=> 'Security',
-	'product'	=> 'Security Response',
-	'comment'	=> $bug_desc,
-	'component'	=> 'vulnerability',
-	'bug_severity'	=> $impact{$impact},
-	'priority'	=> $impact{$impact},
-	'version'	=> 'unspecified',
-	'cc'		=> join (',', @cc),
-	'alias'		=> $cve,
-);
-
+my %bug = Libexig::Fedora::cve_bug ($cve, $component, $summary, $bug_desc, $impact, $bugzilla);
 print 'About to add this bug: '.Dumper(\%bug) if $debug;
 my $bug_id = $bugzilla->file_bug (\%bug);
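Review bot: The impact check and the impact mapping now live in different files: the script tests `$Libexig::Fedora::srt_bz_map{$impact}` (previous hunk), while `cve_bug` receives the raw `$impact` and presumably does the lookup that used to fill `bug_severity` and `priority`. Libexig::Fedora is not part of this diff, so this is inferred, but if `cve_bug` does not reject an unknown key itself, any other caller can file a bug with an undefined severity. A check inside the module, such as `exists $srt_bz_map{$impact} or die "unrecognized impact '$impact'";`, would keep the two together. The call also passes six positional scalars, so a comment above it naming the order, e.g. `# cve_bug (cve, component, summary, description, impact, bugzilla handle)`, would make a transposed `$summary`/`$bug_desc` easier to spot.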
 



