diff options
| author |   Bjoern Tropf <asymmail@googlemail.com> | 2009-08-23 10:11:28 +0200 |
|---|---|---|
| committer | Bjoern Tropf <asymmail@googlemail.com> | 2009-08-23 10:11:28 +0200 |
| commit | 3dbc04e6164f817ff5949514760361615f124a8d (patch) | |
| tree | 947e8ca3b20f51cba08210d41ac0d7db1d448a61 | |
| parent | Implement genpatches (diff) | |
| download | kernel-check-3dbc04e6164f817ff5949514760361615f124a8d.tar.gz kernel-check-3dbc04e6164f817ff5949514760361615f124a8d.tar.bz2 kernel-check-3dbc04e6164f817ff5949514760361615f124a8d.zip | |
Fix several bugs
| -rwxr-xr-x | kernel-check.py | 26 | ||||
| -rwxr-xr-x | kernellib.py | 10 |
2 files changed, 24 insertions, 12 deletions
diff --git a/kernel-check.py b/kernel-check.py index 22467ba..74a6eae 100755 --- a/kernel-check.py +++ b/kernel-check.py @@ -102,16 +102,20 @@ def main(argv): color('GOOD', str(bundle.fixed))) if len(bundle.notfix): - warn('%s have not been fixed yet.' % - color('WARN', str(len(bundle.notfix)))) - if lib.VERBOSE: + if not lib.VERBOSE: + warn('%s have not been fixed yet.' % + color('WARN', str(len(bundle.notfix)))) + else: + print '' + warn('%s have not been fixed yet:' % + color('WARN', str(len(bundle.notfix)))) print_summary(bundle.notfix) else: info('No vulnerabilities have not been fixed yet.') if len(bundle.canfix): - error('%s can be fixed by upgrading.' % + error('%s can be fixed by upgrading:' % color('BAD', str(len(bundle.canfix)))) else: info('No vulnerability can be fixed by upgrading.') @@ -149,11 +153,16 @@ def print_summary(vullist): for item in vullist: print '' + whiteboard = str() + for interval in item.affected: + whiteboard += '[' + str(interval) + '] ' + if len(item.cves) is 0: #TODO Explicit cve score instead of 0.0 - print '\nBugid %s %-32s %s\n"%s..."' % (item.bugid, + print '\nBugid %s %-32s %s %s\n"%s..."' % (item.bugid, color('GOOD', 'Low' + ' (' + str(0.0) + ')'), - color('BRACKET', lib.NOCVE), lib.NOCVEDESC[:term[1]-6]) + color('BRACKET', lib.NOCVE), whiteboard, + lib.NOCVEDESC[:term[1]-6]) for cve in item.cves: severity = 'BAD' @@ -162,9 +171,10 @@ def print_summary(vullist): elif cve.severity == 'Medium': severity = 'WARN' - print '\nBugid %s %-32s %s\n"%s..."' % (item.bugid, + print '\nBugid %s %-32s %s %s\n"%s..."' % (item.bugid, color(severity, cve.severity + ' (' + cve.score + ')'), - color('BRACKET', cve.cve), cve.desc[:term[1]-6]) + color('BRACKET', cve.cve), whiteboard, + cve.desc[:term[1]-6]) print '\n' diff --git a/kernellib.py b/kernellib.py index 8551fdc..8ad8116 100755 --- a/kernellib.py +++ b/kernellib.py @@ -690,7 +690,7 @@ def parse_cve_files(directory, kernel, kernel_gp, arch): for item in files: affected.number += 1 - kernel_gentoo = (kernel.source == 'gentoo') + kernel_gentoo = (kernel.source == 'gentoo' and kernel_gp is not None) kernel_affected = False kernel_linux_affected = False kernel_gp_affected = False @@ -710,7 +710,7 @@ def parse_cve_files(directory, kernel, kernel_gp, arch): for interval in item.affected: if interval.name == 'genpatches': gentoo_interval = True - if kernel.source == 'gentoo': + if kernel_gentoo: if is_in_interval(interval, kernel_gp, item): kernel_genpatch_aff = True @@ -724,7 +724,7 @@ def parse_cve_files(directory, kernel, kernel_gp, arch): if linux_interval: if kernel_linux_affected: - if gentoo_interval and kernel.source == 'gentoo': + if gentoo_interval and kernel_gentoo: if kernel_gp_affected: kernel_affected = True else: @@ -775,7 +775,9 @@ def bundle_affected(kernel, best): for item in kernel.affected: if item not in best.affected: bundle.canfix.append(item) - else: + + for item in best.affected: + if item not in bundle.canfix: bundle.notfix.append(item) return bundle |