[libvirt] [security-notice PATCH 0/9] various improvements to script for finding broken/fixed branches/tags

Daniel P. Berrangé berrange at redhat.com
Mon May 13 11:51:57 UTC 2019 

This series provides for much greater automation when publishing
details of security flaws. It is now possible to just provide the broken
and fixed commit hash on the master branch. All the tag info and details
of branches are now filled in automatically.

Daniel P. Berrangé (9):
  scripts: change data structures used to track branches & tags
  scripts: report vulnerable branches which don't have any tags too
  scripts: add ability to handle a fixed commit hash
  scripts: change to update notice files inplace
  scripts: allow for notices to have multiple commit hashes
  scripts: optimize tag to branch mapping
  scripts: add detection of cherry-picks in branches
  scripts: fuzzy matching on subject to identify unannotated cherry
    picks
  notices: re-generate all branch/tag info

 notices/2008/0001.xml             |   6 -
 notices/2009/0001.xml             |   2 +
 notices/2010/0001.xml             |   3 -
 notices/2010/0002.xml             |   3 -
 notices/2010/0004.xml             |   2 +-
 notices/2011/0001.xml             |  10 +-
 notices/2011/0002.xml             |   4 +
 notices/2012/0001.xml             |  14 +-
 notices/2012/0002.xml             |   2 +-
 notices/2012/0003.xml             |   4 +
 notices/2013/0001.xml             |   8 +
 notices/2013/0002.xml             |   8 +
 notices/2013/0003.xml             |  21 ++
 notices/2013/0005.xml             |   2 +-
 notices/2013/0006.xml             |   1 +
 notices/2013/0007.xml             |   2 +-
 notices/2013/0010.xml             |  16 +-
 notices/2013/0012.xml             |  28 ++-
 notices/2013/0015.xml             |   2 +-
 notices/2013/0016.xml             |  22 ++-
 notices/2013/0018.xml             | 102 +++++-----
 notices/2013/0020.xml             |  68 ++++---
 notices/2013/0021.xml             |   2 +-
 notices/2014/0001.xml             |   8 +
 notices/2014/0003.xml             | 107 ++++++++--
 notices/2014/0004.xml             |  25 ++-
 notices/2014/0005.xml             |  21 +-
 notices/2014/0006.xml             |  22 ++-
 notices/2014/0007.xml             |  18 +-
 notices/2014/0008.xml             |   6 +-
 notices/2014/0009.xml             |   5 +-
 notices/2014/0010.xml             |   8 +-
 notices/2015/0001.xml             |  10 +-
 notices/2015/0002.xml             |   6 +-
 notices/2015/0003.xml             |  14 +-
 notices/2015/0004.xml             |  13 +-
 notices/2016/0001.xml             |   4 +-
 notices/2016/0002.xml             |   1 +
 notices/2017/0001.xml             |   4 +-
 notices/2017/0002.xml             |   6 +-
 notices/2018/0001.xml             | 159 ++++++++++++++-
 notices/2018/0002.xml             | 158 ++++++++++++++-
 notices/2018/0003.xml             | 161 ++++++++++++++-
 notices/2018/0004.xml             | 159 ++++++++++++++-
 notices/2018/0005.xml             | 162 ++++++++++++++-
 notices/2019/0001.xml             |   2 +-
 notices/2019/0002.xml             |   2 +-
 scripts/report-vulnerable-tags.pl | 319 ++++++++++++++++++++++++++----
 48 files changed, 1507 insertions(+), 225 deletions(-)

-- 
2.21.0

More information about the libvir-list mailing list