search

nottrobin / ubuntu-cve-tracker

6 stars 5 forks source link

cve_lib.py retrun pretty patches #3

Closed albertkol closed 4 years ago

albertkol commented 4 years ago

I working with scripts/cve_lib.py. I am trying to fetch the CVE's tags and patches and send them to ubuntu.com.

I couldn't help noticing the different way cve_lib returns tags (or pkg) and how it returns patches.

I am using CVE-2012-4542 as an example.

Tags are returned nicely like this:

'tags': {
    'linux-armadaxp': {'not-ue'},
    'linux-lts-quantal': {'not-ue'},
    'linux-lts-saucy': {'not-ue'}
},

While patches are separate items of the cve dict:

 'Patches_linux-ec2': '',
 'Patches_linux-mvl-dove': '',
 'Patches_linux-ti-omap4': '',
 'Patches_linux-lts-backport-maverick': '',
 'Patches_linux-fsl-imx51': '',
 'Patches_linux-lts-backport-oneiric': '',
 'Patches_linux-linaro-omap': '',
 'Patches_linux-linaro-shared': '',
 'Patches_linux-linaro-vexpress': '',
 'Patches_linux-qcm-msm': '',
 'Patches_linux-armadaxp': '',
 'Patches_linux-lts-quantal': 'DNE',

It would be nice if patches would follow a similar structure as tags:

'patches': {
    'linux-ec2': {''},
    'linux-mvl-dove': {''},
    'linux-ti-omap4': {''}
},
nottrobin commented 4 years ago

Hi @albertkol - I'm afraid this is not the right place to file this issue. This is just a fork of https://launchpad.net/ubuntu-cve-tracker, so I suggest you file this issue at https://bugs.launchpad.net/ubuntu-cve-tracker.