Control: tags -1 - pending Hi Holger,
On Fri, Sep 12, 2014 at 12:19:06PM +0200, Holger Levsen wrote: > attached is a patch to lib/python/web_support.py which turns the notes (used > in CVEs) into hyperlinks - if they start with http(s):// > > Please tell me whether it's ok to commit this. I had a look at this patch. It can only address isolated URLs in the notes this way. We usually use this in other ways, one example is that was Florian mentioned in the first message: Note: see https://.... which should turn into see <a href='http://www.example.com/info.html'><code>http://www.example.com/info.html</code></a> Other examples were we use the free form extensively is when we document which commits introduced a given problem, where fixed, etc: I'm adding also the corresponding note, as this might change when looking next time into it: - https://security-tracker.debian.org/tracker/CVE-2014-3620 NOTE: http://curl.haxx.se/docs/adv_20140910B.html NOTE: Introduced by https://github.com/bagder/curl/commit/85b9dc8023 - https://security-tracker.debian.org/tracker/CVE-2014-3145 NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3 NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8 NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67 - https://security-tracker.debian.org/tracker/CVE-2014-3122 NOTE: Introduced by https://git.kernel.org/linus/b291f000393f5a0b679012b39d79fbc85c018233 NOTE: Fixed by https://git.kernel.org/linus/57e68e9cd65b4b8eb4045a1e0d0746458502554c (v3.15-rc1) the last one is particulary interessant as it contains normal text before, and after a reference which should be turned into a link. There is one other problematic example with the patch, where we have notes starting with http(s), but adding explanations/further text afterwards: - https://security-tracker.debian.org/tracker/CVE-2014-6387 NOTE: http://www.mantisbt.org/bugs/view.php?id=17640 NOTE: http://github.com/mantisbt/mantisbt/commit/215968fa8 (1.2.x branch) NOTE: http://github.com/mantisbt/mantisbt/commit/fc02c46ee (master branch) So we would need something more complicated here, isolating first the urls in the text and converting that part, but keeping the surrounding ones. Thanks for also looking into this one! Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
