[Fedora-security-commits] fedora-security/tools/scripts add-cve-bug, 1.1.2.1, 1.1.2.2
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Sun Jan 6 12:48:47 UTC 2008
Author: lkundrak
Update of /cvs/fedora/fedora-security/tools/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17388/scripts
Modified Files:
Tag: lkundrak-tools-ng
add-cve-bug
Log Message:
Started Fedora-specific module, moved some bits in there
Index: add-cve-bug
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/scripts/Attic/add-cve-bug,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- add-cve-bug 6 Jan 2008 03:31:54 -0000 1.1.2.1
+++ add-cve-bug 6 Jan 2008 12:48:45 -0000 1.1.2.2
@@ -28,6 +28,7 @@
use Getopt::Long;
use Data::Dumper;
+use Libexig::Fedora;
use Libexig::CVE;
use Libexig::Bugzilla;
use Libexig::Util;
@@ -35,43 +36,11 @@
use warnings;
use strict;
-my %impact = (
- 'critical' => 'urgent',
- 'important' => 'high',
- 'moderate' => 'medium',
- 'low' => 'low',
-);
-
-
# Command line options
my ($cve, $interactive, $dryrun, $debug,
$username, $password, $component, $summary, $impact);
-# Get the text to include in the bug desc
-sub bug_desc
-{
- my $cve = shift;
- my $desc;
- my $refs;
-
- print "Getting a bug description from CVE\n" if $debug;
-
- ($desc, $refs) = cve ($cve);
-
- die 'Cannot fetch CVE description; re-run with --interactive'
- unless $desc or $interactive;
-
- return
- "Common Vulnerabilities and Exposures assigned an ".
- "identifier $cve to the following vulnerability:".
- "\n\n".
- ($desc ? $desc : '(Please paste the CVE details manually)').
- "\n\n".
- "References:\n\n".
- ($refs ? join ("\n", @{$refs}) : '(References here, one per line)');
-}
-
-# Parse command line options;
+# Parse command line options
my %options;
GetOptions(\%options,
'cve=s',
@@ -99,13 +68,26 @@
$component = $options{'component'} or die 'component argument is mandatory';
$summary = $options{'summary'} or die 'summary argument is mandatory';
$impact = ($options{'impact'} or 'low');
-defined $impact{$impact} or die 'specified unrecognized impact value';
+defined $Libexig::Fedora::srt_bz_map{$impact} or die 'specified unrecognized impact value';
$username = ($options{'username'} or $ENV{'LOGNAME'}.'@redhat.com');
$password = ($options{'password'} or $dryrun or
read_noecho ("Bugzilla password for $username: "));
# TODO: add whiteboard option to fill in and get impact from it
+# Get CVE details from NVD or user
+
+print "Getting a bug description from CVE\n" if $debug;
+my ($desc, $refs) = cve ($cve);
+
+die 'Cannot fetch CVE description; re-run with --interactive'
+ unless $desc or $interactive;
+
+my $bug_desc = Libexig::Fedora::cve_bug_desc ($cve, $desc, $refs);
+$bug_desc = edit_string ($bug_desc) if $interactive;
+
+# File it in Bugzilla
+
my $bugzilla = new Libexig::Bugzilla ({
'username' => $username,
'password' => $password,
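Review bot: The impact check on the added `defined $Libexig::Fedora::srt_bz_map{$impact}` line reads another package's variable by its fully qualified name, which `use strict` accepts without checking that the variable exists; if Fedora.pm (not visible here) declares the map with `my` or later renames it, the lookup quietly yields undef and every `--impact` value is rejected. `exists` states the intent better than `defined`, and the message could name the accepted values: `exists $Libexig::Fedora::srt_bz_map{$impact} or die "unrecognized impact '$impact'; expected one of: ".join(', ', sort keys %Libexig::Fedora::srt_bz_map);`. A small accessor in the module would remove the dependency on the variable name altogether. Separately, the new CVE fetch block sits after the `read_noecho` password prompt, so a failed lookup dies only after the user has typed a password; moving the block above the `$password` assignment would fail earlier.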
@@ -113,33 +95,7 @@
'debug' => $debug,
});
-my $bug_desc = bug_desc ($cve);
-$bug_desc = edit_string ($bug_desc) if $interactive;
-
-# Get CC list
-# TODO: get rid of duplicates
-my @cc;
-foreach (split (/,/,$component)) {
- push (@cc,$bugzilla->owners ($_));
-}
-
-# File it in Bugzilla
-my %bug = (
- 'bug_file_loc' => "http://nvd.nist.gov/nvd.cfm?cvename=$cve",
- 'rep_platform' => 'All',
- 'op_sys' => 'Linux',
- 'short_desc' => "$cve $summary",
- 'keywords' => 'Security',
- 'product' => 'Security Response',
- 'comment' => $bug_desc,
- 'component' => 'vulnerability',
- 'bug_severity' => $impact{$impact},
- 'priority' => $impact{$impact},
- 'version' => 'unspecified',
- 'cc' => join (',', @cc),
- 'alias' => $cve,
-);
-
+my %bug = Libexig::Fedora::cve_bug ($cve, $component, $summary, $bug_desc, $impact, $bugzilla);
print 'About to add this bug: '.Dumper(\%bug) if $debug;
my $bug_id = $bugzilla->file_bug (\%bug);
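Review bot: The added call `Libexig::Fedora::cve_bug ($cve, $component, $summary, $bug_desc, $impact, $bugzilla)` passes six positional arguments, five of them plain strings, so swapping `$summary` and `$bug_desc` would go unnoticed until the bug is filed with the wrong fields. A comment above the call would help, for example `# cve_bug() takes ($cve, $component, $summary, $comment, $impact, $bugzilla) and returns a flat key/value list`; the return shape is inferred from the assignment to `%bug` and should be confirmed against Fedora.pm. The removed block carried `# TODO: get rid of duplicates` for the CC list, and presumably the `$bugzilla` handle is passed so the module can do the same owners lookup, so that TODO should travel with the code. No format check on `$cve` is visible in these hunks before it becomes the bug alias and part of the NVD URL; if option parsing outside the hunk does not already do it, an anchored check such as `$cve =~ /\ACVE-\d{4}-\d+\z/ or die 'malformed CVE identifier';` belongs before this call.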