Hi Salvatore, Am 12.12.2017 um 07:19 schrieb Salvatore Bonaccorso: [...] > I have made the above change now live/commited. The file is still thus > extensible and for futher (and future use). Thanks for your work on > that! (as a personal note on my side, would have prefered to get less > pressure).
Sorry, I didn't want to put pressure on you. The email was just a declaration of intent to NMU reportbug in Wheezy and a last call for further suggestions. I haven't got a reply from Sandro yet. I filed #878088 on 9.10 and attached my initial patch, pinged the bug report again on 3.11, asked for feedback on both mailing lists on 28.11, incorporated requested changes in the following days and eventually send the final call on 10.12. I believe there was plenty of time to react. If there is anything to change we can always do that in a another revision. > For jessie and stretch: such an update should go in via a point > release (like for the debian-security-support package updates). We > have not heard anything yet on the implementation side from the > maintainer, Sandro, did you got Markus updates/proposals? Your input > would be very appreciated :) I intend to submit a new version of reportbug with my patch (attached) for Jessie and Stretch next week. Regards, Markus
diff -Nru reportbug-7.1.7/bin/reportbug reportbug-7.1.7/bin/reportbug
--- reportbug-7.1.7/bin/reportbug 2017-05-29 22:00:17.000000000 +0200
+++ reportbug-7.1.7/bin/reportbug 2017-05-29 22:00:17.000000000 +0200
@@ -32,6 +32,8 @@
import optparse
import re
import locale
+import requests
+import json
import subprocess
import shlex
import email
@@ -1926,6 +1928,33 @@
listcc += ui.get_multiline(
'Enter any additional addresses this report should be sent to;
press ENTER after each address.')
+ # If the bug is reported against a package with a version that
+ # indicates a security update add the security or lts team to CC
+ # after user confirmation
+ is_security_update = False
+ if pkgversion:
+ regex = re.compile('(\+|~)deb(\d+)u(\d+)')
+ secversion = regex.search(pkgversion)
+ if secversion:
+ if ui.yes_no('Do you want to report a regression because of a
security update? ',
+ 'Yes, please inform the LTS and security teams.',
+ 'No or I am not sure.', True):
+ is_security_update = True
+ distnumber = secversion[2]
+ r =
requests.get('https://security-tracker.debian.org/tracker/distributions.json')
+ data = r.json()
+ support = 'none'
+ for key, value in data.items():
+ if distnumber in value['major-version']:
+ support = value['support']
+
+ if is_security_update and support != 'none':
+ if support == 'lts':
+ email_address = ['debian-...@lists.debian.org']
+ else:
+ email_address = ['t...@security.debian.org']
+ listcc.extend(email_address)
+
if severity and rtype:
severity = debbugs.convert_severity(severity, rtype)
signature.asc
Description: OpenPGP digital signature
