Control: severity -1 important
If you set SUITE=stretch in /etc/default/debsecan debsecan fetches the
correct file. The bug for --suite= should still be corrected, and the
follwing patchset integrates the changes from Michael Stapelberg
previously suggested, but I think severity grave is overrated here.
Furthermore it's right that the debconf menu does not allows to choose
stretch and buster.
Regards,
Salvatore
>From 310cdcf9ac7e4a18d9ff9ed17733c007af599427 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <car...@debian.org>
Date: Wed, 28 Jun 2017 12:20:53 +0200
Subject: [PATCH 1/2] Add support for stretch and buster
Make the files available at security-tracker.debian.org become
authoritative for what valid values are, as opposed to a hard-coded
list.
Allows one to choose as well stretch and buster in the debconf menu.
Thanks: Michael Stapelberg for the patch allowing any suite.
Closes: #789196
---
debian/debsecan.config | 2 +-
debian/debsecan.templates | 2 +-
src/debsecan | 10 +++++++---
3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/debian/debsecan.config b/debian/debsecan.config
index e882a26..9bacb68 100644
--- a/debian/debsecan.config
+++ b/debian/debsecan.config
@@ -10,7 +10,7 @@ CRONFILE=/etc/cron.d/debsecan
normalize_suite () {
case "$SUITE" in
- sarge|etch|lenny|squeeze|wheezy|jessie|sid)
+ sarge|etch|lenny|squeeze|wheezy|jessie|stretch|buster|sid)
;;
*)
SUITE=GENERIC
diff --git a/debian/debsecan.templates b/debian/debsecan.templates
index caa9f15..5cb4013 100644
--- a/debian/debsecan.templates
+++ b/debian/debsecan.templates
@@ -16,7 +16,7 @@ _Description: Email address to which daily reports should be sent:
Template: debsecan/suite
Type: select
-Choices: GENERIC, sarge, etch, lenny, squeeze, wheezy, jessie, sid
+Choices: GENERIC, sarge, etch, lenny, squeeze, wheezy, jessie, stretch, buster, sid
Default: GENERIC
_Description: Main suite from which packages are installed:
To present more useful data, debsecan needs to know
diff --git a/src/debsecan b/src/debsecan
index 96ba9c3..625ab2e 100644
--- a/src/debsecan
+++ b/src/debsecan
@@ -316,9 +316,7 @@ def parse_cli():
parser.add_option("--config", metavar="FILE",
help="sets the name of the configuration file",
default='/etc/default/debsecan')
- parser.add_option("--suite", type="choice",
- choices=['woody', 'sarge', 'etch', 'lenny', 'squeeze', 'wheezy',
- 'jessie', 'sid'],
+ parser.add_option("--suite",
help="set the Debian suite of this installation")
parser.add_option("--source", metavar="URL",
help="sets the URL for the vulnerability information")
@@ -531,6 +529,12 @@ def fetch_data(options, config):
# In cron mode, we suppress almost all errors because we
# assume that they are due to lack of Internet connectivity.
except urllib2.HTTPError, e:
+ if e.code == 404:
+ sys.stderr.write("error: while downloading %s:\n%s\n" % (url, e))
+ if options.suite:
+ sys.stderr.write("Are you sure \"%s\" is a Debian codename?\n" %
+ (options.suite))
+ sys.exit(1)
if (not options.cron) or e.code == 404:
sys.stderr.write("error: while downloading %s:\n%s\n" % (url, e))
sys.exit(1)
--
2.13.2
>From 6306251233bdc011d76dcd1adc46b2a302952a16 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <car...@debian.org>
Date: Wed, 28 Jun 2017 12:44:08 +0200
Subject: [PATCH 2/2] Remove choices for obsolted sarge, etch, lenny and
squeeze
---
debian/debsecan.config | 2 +-
debian/debsecan.templates | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/debian/debsecan.config b/debian/debsecan.config
index 9bacb68..c6943a2 100644
--- a/debian/debsecan.config
+++ b/debian/debsecan.config
@@ -10,7 +10,7 @@ CRONFILE=/etc/cron.d/debsecan
normalize_suite () {
case "$SUITE" in
- sarge|etch|lenny|squeeze|wheezy|jessie|stretch|buster|sid)
+ wheezy|jessie|stretch|buster|sid)
;;
*)
SUITE=GENERIC
diff --git a/debian/debsecan.templates b/debian/debsecan.templates
index 5cb4013..785d6cb 100644
--- a/debian/debsecan.templates
+++ b/debian/debsecan.templates
@@ -16,7 +16,7 @@ _Description: Email address to which daily reports should be sent:
Template: debsecan/suite
Type: select
-Choices: GENERIC, sarge, etch, lenny, squeeze, wheezy, jessie, stretch, buster, sid
+Choices: GENERIC, wheezy, jessie, stretch, buster, sid
Default: GENERIC
_Description: Main suite from which packages are installed:
To present more useful data, debsecan needs to know
--
2.13.2
